Cybersecurity experts have spotted five apps containing malware. Once downloaded, they can steal Facebook credentials.
Malware is circulating freely as apps on Google Play. This malware, capable of recovering data from Facebook, has been downloaded more than two million times. Cybersecurity researchers from Dr. Web are behind this discovery, which they detailed in a report published on June 15, 2022. Among the fraudulent apps spotted by the experts, five are still available on Google Play.
All are actually Trojan horses, malicious software that discreetly infiltrates the smartphone and attaches itself to other programs. Three of them are intended to hack Facebook accounts by recovering identifiers during a connection. The other two are adware, bogus apps that mass-produce unwanted and intrusive advertisements.
Dr. Web analysts say data-stealing Trojans and adware have been among the top threats to Android since May. The report indicates that there are also spyware capable of capturing the code during a double authentication.
Five of these fraudulent applications are still available on Google Play after verification on June 15:
It is :
- PIP Pic Camera Photo Editor – 1 million downloads – malware pretending to be image editing software, but which steals the credentials of its users’ Facebook accounts.
- Wild & Exotic Animal Wallpaper – 500,000 downloads – adware that adds to battery saving settings.
- ZodiHoroscope Fortune Finder – 500,000 downloads – malware that steals Facebook IDs by tricking users into entering them, supposedly to disable in-app ads.
- PIP Camera 2022 – 50,000 downloads – photo effects application that also targets the Facebook account.
- Magnifier Flashlight – 10,000 downloads – adware that serves video and banner ads.
Google still fails to properly filter applications on its download platform. Worse, these fraudulent apps can survive on Google Play as long as they have not been spotted by cyber experts.