Google removes 25 apps for stealing Facebook login credentials – Here is the complete list of apps
New Delhi: Search engine giant Google is learned to have struck down 25 apps for phishing on the Facebook login credentials of users.
According to the French cyber-security firm, Evina the new malware steals Facebook logins and could effectively ruin your online and offline life.
“New ways of perpetrating fraud are regularly brought to the attention of our cybersecurity experts and we recently discovered new malware that steals Facebook logins. This malware could effectively ruin your online and offline life by making off with the credentials of one of your most valued pieces of digital real estate. The malware was embedded in a large number of popular apps,” Evina wrote in a blog post.
1. Super Wallpapers Flashlight
2. Padenatef
3. Wallpaper Level
4. Contour level wallpaper
5. iPlayer & iWallpaper
6. Video Maker
7. Color Wallpapers
8. Pedometer
9. Powerful Flashlight
10. Super Bright Flashlight
11. Super Flashlight
12. Solitaire Game
13. Accurate scanning of Meade
14. Classic card game
15.Junk file cleaning
16. Synthetic Z
17. File Manager
18. Composite Z
19. Screenshot Capture
20. Daily Horoscope Wallpapers
21. Wuxia Reader
22. Plus Weather
23. Anime Live Wallpaper
24. iHealth Step Counter
25. com.tgyapp.fiction
“We had Google shut down those applications. Evina managed to successfully reverse-engineer the malware which enabled us to protect end-users against it,” the cyber research firm said.
The above malicious apps, Evina says, collectively had over 25 lakh downloads.
The security firm further said that when an application is launched on your phone, the malware queries the application name and if it is a Facebook application, the malware will launch a browser that loads Facebook at the same time.
“The browser is displayed in the foreground which makes you think that the application launched it. When you enter your credentials into this browser, the malware executes java script to retrieve them. The malware then sends your account information to a server,” it added.