Google Play Removes 25 Apps Caught Stealing Facebook Credentials From Users: Evina

Cyber-security firm, Evina notes that these 25 apps collectively had over 25 lakh downloads.

Advertisement
By Abhik Sengupta | Updated: 1 July 2020 13:37 IST
Highlights
  • Most of the malicious apps offered wallpapers, video editing tools
  • Google removed these apps earlier in June
  • It is unclear how the apps avoided Google Play Protect detection
Google Play Removes 25 Apps Caught Stealing Facebook Credentials From Users: Evina

Users' Facebook credentials were sent to a remote server

Photo Credit: Evina

Google is said to have removed 25 apps from its Google Play store that were caught stealing Facebook credentials. According to the French cyber-security firm, Evina, these malicious apps collectively had over 25 lakh downloads. The apps reportedly offered different functionalities, though they used the same method for extracting users' credentials. Some of the apps had been available on the Google Play store for over two years before they were finally removed, the cyber-security firm highlighted.

The findings were published in a blog post by Evina and were first reported by ZDNet. Google removed the apps earlier in June after the cyber-security firm reported its potential threat in May this year. Most of these malicious apps offered new wallpapers, while others provided video editing tools and flashlight tools. Apps such as Super Wallpapers Flashlight and Padenatef had over 5 lakh downloads each on Google Play.

How did the apps steal Facebook credentials?

According to Evina, once the user launched the contentious app on their smartphone, the malicious app detected what app a user recently opened and had in the phone's foreground. "If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. The browser is displayed in the foreground which makes you think that the application launched it," the cyber-security firm explains.

Once the user put their Facebook login details on the phishing page (which features a black bar instead of a blue bar of the original Facebook app), the malicious then sent the credentials to a remote server. This could potentially allow attackers to access all data stored on the Facebook account or even allow them to access other websites where users' have logged in via their Facebook account.

Advertisement

Evina, however, has not clarified how these malicious apps avoided detection by Google's Play Protection service. The full list of these malicious Android apps is listed on Evina's website.

ZDNet citing the cyber-security firm notes that all of the 25 malicious apps were developed by a single threat group.

In 2020, will WhatsApp get the killer feature that every Indian is waiting for? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.

 
Post your comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Google, Google Play, Malicious Apps, Play Store, Fraudulent Apps, Android Malware, Malware
Poco M2 Pro Launch Set for July 7, Quad Rear Camera Setup Confirmed
Advertisement

Related Stories

Popular on Gadgets
Latest Gadgets
Popular Mobile Brands
#Trending Stories
  1. OnePlus Nord 5 and Nord CE 5 Colour Options, Key Features Leaked
  2. Nothing Phone 3 to Be Equipped With the Snapdragon 8s Gen 4 SoC
  3. Samsung Galaxy M36 5G to Launch in India Soon; Design, Price Range Teased
  4. Trump Mobile T1 Phone With 5,000mAh Battery Announced; See Price, Features
  5. Apple Said to Launch Watch Ultra 3 and Watch Series 11 This Year
  6. Donkey Kong Bananza is Getting a Direct Presentation This Week
  7. Samsung Galaxy S25 Ultra Price in India Discounted for a Limited Time
  8. Poco F7 5G to Launch in India and Global Markets on This Date
  9. Sony Bravia 8 II QD-OLED TV Series Launched in India: See Price, Features
#Latest Stories
  1. Nintendo Direct Livestream Featuring Donkey Kong Bananza Announced for June 18
  2. Amazfit Active 2 Square Debuts With 1.75-Inch AMOLED Display and Up to 10 Days Battery Life
  3. Samsung’s Exynos 2500 SoC Confirmed to Feature Satellite Connectivity Ahead of Galaxy Z Flip 7 Launch
  4. Nothing Phone 3 Confirmed to Come With Snapdragon 8s Gen 4 SoC Ahead of July 1 Launch
  5. Samsung Galaxy M36 5G India Launch Teased; Rear Design and Price Range Revealed
  6. Reddit Unveils Reddit Community Intelligence, Its Suite of AI-Powered Ad Tools for Enterprises
  7. Sony Bravia 8 II QD-OLED TV Series With Acoustic Surface+ Audio, Studio Calibrated Mode Launched in India
  8. Asus Unveils Refreshed Vivobook S16, S16 OLED Laptops in India Alongside Vivobook S14: Price, Features
  9. Apple Watch Ultra 3 Said to Launch This Year; Product Roadmap for Next Three Years Leaked
  10. Google Unveils India-Focused Safety Charter, Shares How It Is Using AI to Combat Online Frauds and Scams
Gadgets 360 is available in
Follow Us
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.