Google Play Store Photo Editor Apps Are Actually Android Malwares! Uninstall 3 Dangerous Apps Now

Google Play Store Photo Editor Apps Are Actually Android Malwares! Uninstall 3 Dangerous Apps Now
A bunch of Android apps listed on the Google Play Store were recently discovered stealing Facebook users' credentials, running ad campaigns and collecting payment information. Unfortunately, over 500,000 unaware users have already installed them. Patrick Lux/Getty Images

A bunch of Android apps listed on the Google Play Store were recently discovered stealing Facebook users' credentials, running ad campaigns and collecting payment information. Unfortunately, over 500,000 unaware users have already installed them.

Typically, many available apps on Google Play Store would ask users if they want to "sign in with Facebook." This option makes it easier for the users to remember their account details and for the app to quickly verify the users' identity.

Unfortunately, malicious actors have exploited this system, using the linked-up account details to steal sensitive user information.

Android Malware Discovered: Do Not Download These Apps

Sources from BleepingComputer explained the nature of this newly discovered malware. They received technical advice from Tatyana Shishkova, an Android malware analyst at Kaspersky, and Maxime Ingrao, a security researcher at Evina.

To quickly summarize, these apps would first ask for Facebook account credentials via "sign in." It would then collect Facebook account information via encrypted JavaScript. The malicious app would eventually access Facebook Graph API, where it would see ad campaigns and stored payment information. Eventually, the hacker would create their own ad campaigns. Hackers would also connect the victim's Facebook credentials and link their payment information on the newly developed campaign.

The Android apps discovered with this malware are:

  • Blender Photo Editor - Easy Photo Background Editor
  • Magic Photo Lab - Photo Editor
  • Pix Photo Motion Edit 2021

Ingrao explained in detail how he found the suspicious codes on these apps. "I noticed the suspicious code first by doing a dynamic analysis. I noticed that the WebView was running JavaScript to retrieve the credentials. Then I downloaded the code and I recoded the function that decrypts the texts inside the code, that's how I found the executed JavaScript and the calls to the Facebook Graph API," per BleepingComputer

Android users are warned to be extremely careful because these apps had "passed" Google Play Store's standards. Users who recognize these apps should immediately uninstall them now.

Google Play Store Apps: Malware Apps Removed

Fortunately, at the time of writing, Google acknowledged the issue and deleted the applications. Links to these applications would redirect users to a "sorry not found" webpage.

To avoid falling victim to malware, Android users should reconsider downloading the best android antivirus apps available. Here are the top five choices in Google Play Store:

5. Bitdefender Mobile Security: Nearly flawless malware protection that features android wear integration, VPN service, and malicious website blocker. It also has data-breach notification features.

4. Kaspersky Mobile Antivirus: Offers a wide range of protection services, including call filters and web blockers for phishing websites. However, keep in mind that Kaspersky has the least privacy tools available on its app.

3. Norton Mobile Security: It has a unique feature called App Advisor. App Advisor would regularly check app data usage and monitors it for any unusual behavior.

2. McAfee Mobile Security: This app has a unique feature called Guest. This ensures strangers using the phone would not have access to personal files.

1. Avast Mobile Security: This has features like privacy adviser, system optimizer and customizable blacklist.


Related Article: iPhone Security Vulnerability Can Expose Users to Hackers: How to Fix Major Issue

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

More from iTechPost

Real Time Analytics