In June, Google removed over 50 apps from its Play Store, after discovering they contained a malicious adware which could leave Android devices unusable.
A cyber security firm has now revealed a further 25 malicious apps which have been banned by Google, and is advising Android users to remove them from their devices.
The apps allow hackers to target Facebook users and steal their personal details. In total the 25 malicious apps have been installed over 2.3 million times.
Who discovered the malicious apps?
French cyber-security firm Evina was behind the discovery of the new malware. The company confirmed the apps had been able to infiltrate devices by posing as legitimate services, such as games, flashlights, phone wallpapers, and step counters.
How do the apps steal personal data?
Once the apps have been installed, a malicious code hidden within the code waits until the user launches Facebook in order to start stealing their personal data.
The app mimics Facebook’s login page by overlaying a web browser window on top of the official Facebook app. This is known as a phishing scam.
When users type in their usernames and passwords, this information can then be sent to the hackers, rather than to Facebook.
Speaking about the attack, Lionel Ferri, Evina CTO said, “It’s a fraudulent technique that points out the danger and reflects how important it is to protect yourself.
“It can not be identified by Facebook as the malware displays in front of the legit app when it is launched.”
Why Android users must delete the apps
Google announced that it has removed the apps after finding the French security firm's warnings to be valid. However, some of the apps had been available to download for over a year before being discovered.
While the apps are no longer available to download from the Play Store, Evina has advised all Android users to delete these apps from their phones if they installed them before Google’s clean up.
This is because Google cannot remove apps from users devices, even if they have removed the app from the Play Store.
Additionally, if you think you have downloaded one of the apps in the past, Evina advises you to change your Facebook password.
Here is the list of dangerous apps you should remove:
Super Wallpapers FlashlightPadenatefWallpaper LevelContour Level wallpaperiPlayer & iWallpaperVideo MakerColor WallpapersPedometerPowerful FlashlightSuper Bright FlashlightSuper FlashlightSolitare GameAccurate scanning of QR codeClassic card gameJunk file cleaningSynthetic ZFile ManagerComposite ZScreenshot CaptureDaily Horoscope WallpapersWuxia ReaderPlus WeatherAnime Live WallpaperHealth Step Countercom.tqyapp.fiction