Nine malicious apps previously available in Google Play collected racked up 5.8 million installs on Android devices.
Hopefully you are not one of the millions of people who have installed an app called PIP Photo onto your Android device. Why is that? While it may seem like a harmless and handy image editing app, it contains malware designed to covertly swipe a person’s login credential for Facebook. Same goes for a handful of other Android apps. Each of the nine malicious apps discovered by researchers at Doctor Web contain a trojan that gets to work trying to trick users into coughing up their Facebook usernames and passwords. What makes the apps potentially effective is that they otherwise work as intended and expected. „The applications were fully functional, which was supposed to weaken the vigilance of potential victims. With that, to access all of the apps’ functions and, allegedly, to disable in-app ads, users were prompted to log into their Facebook accounts.
