The matter came to the fore shortly after the Joker virus attack, when Google removed eight new Android apps just days after they were targeted.
1/6
Google has removed apps with 5.8 million downloads from the Play Store because they were stealing users’ Facebook login details. Google has banned the developers of all nine apps from the Play Store, which means they won’t be allowed to submit new apps.
2/6
Malware-laden apps offered useful services such as photo editing and framing, exercise and training, horoscopes and deleting unnecessary files from Android devices. These apps gave users the option to disable in-app ads when they logged in with a Facebook account.
3/6
According to a post published by security firm Dr Webb, users who opted in saw a Facebook login form in which they had to fill in the username and password. The security firm investigated malware programs to determine if the apps received settings to steal Facebook account logins and passwords.
4/6
The app tricked users into stealing their login details by loading them into the Facebook sign-in page. The report states that the malware will also steal cookies from the authority session. In each case, Facebook was targeted because developers could take advantage of other valid Internet services by using fake logins to the phishing site.
5/6
These Android apps included Rubish Cleaner, Inwell Fitness, Horoscope Daily, which were downloaded by around 1 lakh people each, while AppLock Keep, Lockit Master got 50,000 downloads each.
6/6
A Google spokesperson told Ars Technica that the company has also banned the developers of all nine apps from the store. However, this is a minor issue for defaulters as there is a $25 fee to create a new developer account.
.