After discovering that nine Android Apps, including one with millions of users, were collecting users’ Facebook Inc. login credentials, Google LLC deleted them from the Play store. The programs, dubbed “stealer Trojans,” were discovered and disclosed on July 1 by malware specialists at Dr. Web. They were distributed as harmless software and were installed nearly 6 million times.
Unlike earlier instances of malicious Android Apps being detected, the apps, in this case, all provided legitimate services such as photo editing and framing, exercise and training, horoscopes, and junk file cleanup. For example, PIP Photo had up to 5 million downloads, Processing Photo had up to 500,000 downloads, Rubbish Cleaner, Horoscope Daily, and Inwell Fitness had up to 100,000 downloads, and App Lock Keep had up to 50,000 downloads. The list was completed by Lockit Master, Horoscope Pi, and App Lock Manager.