Google has removed 25 malicious Android apps from Google Play that were stealing Facebook login credentials. If you have them installed, delete them now.
The removal of malicious apps happens after the French cybersecurity firm Evina discovered and reported that these malicious apps contain some malware that intended to hack the Facebook app from the devices on which it was installed.
Here is the list of the apps:
How these malware code apps steal your Facebook credentials?
According to Evina security experts, when you open the Facebook application on your phone, the malware app launches a browser that loads Facebook at the same time. The browser is displayed in the foreground, which makes you think that the original Facebook app launched it. When you enter your credentials into this browser, the malware executes javascript to retrieve them. The malware then sends your account information to a server.
The servers are closed now, and according to Google, the apps are removed from the Google Play Store should be automatically removed from the devices on which they were installed — thanks to Google Play Protect. But it’s worth double-checking.
If you have been a victim of this malware attack, we recommend you to activate the 2-step verification of Facebook and change the password immediately.
Also, next time, when you download and install an app, be it from Google Play or any other source, review the app permissions to make sure there’s nothing sketchy happening under the hood.
