Google pulls down 85 apps from Play Store for stealing social network passwords

While the apps have already been pulled down from the Google Play Store, users are recommended to change their credentials.

By Chandrika
|

Be it Facebook or Instagram, most of us are too busy sharing moments from our life on various social media platforms. All these social media platforms claim to keep your passwords safe and secure. However, it seems like the reality is a bit different.

Google removes 85 apps from Play Store for stealing passwords

 

There may be many apps that secretly steals your password. Google removed a total of 85 Android apps from the Play Store after it was discovered that they are infected with malware capable of stealing social network passwords from users' devices. What's ironical is that the compromised apps were discovered by Kaspersky, the Russian cybersecurity company, whose software was recently banned in the US.

The ban came after the company was accused of having ties with Kremlin, and the malware was affecting users of the Russian social network VK. Anyway, the compromised apps were available for download in the Google Play Store.

It is worth noting that one of those apps recorded more than 1 million downloads. Named as "Mr President Rump," this particular app was a game that was released in the Play Store in March this year. Within months, its download count skyrocketed. Rest of the apps have been in the Play Store for around two years, with the download count ranging between 1,000 and 100,000.

The infected apps came with an option to authenticate on VK (the Russia-based social network) for various purposes, and asked users to provide their usernames as well as passwords. However, it is quite common for games to include Facebook or any other social media functionality for additional features like sharing high scores or gaining access to premium content.

According to Kaspersky security researcher Roman Unuchekl, malware writers probably wanted to use the stolen VK credentials to increase the number of members of groups or posts.

"These cybercriminals were publishing their malicious apps on Google Play store for more than two years so they had to modify their code to bypass detection. We think that cybercriminals use stolen credentials mostly for promoting groups in VK.com. They silently add users to promote various groups and increase their popularity by doing so," he said in a statement.

 

The malware was said to be targeting devices with languages where VK is a popular social network, including Russian, Ukrainian, Kazakh, Armenian, Romanian, Azerbaijani to name a few.

While the apps have already been pulled down from the Google Play Store, users are recommended to change their credentials.

Via

Stay updated with latest technology news & gadget reviews - Gizbot

Notification Settings X
Time Settings
Done
Clear Notification X
Do you want to clear all the notifications from your inbox?
Yes No
Settings X
We use cookies to ensure that we give you the best experience on our website. This includes cookies from third party social media websites and ad networks. Such third party cookies may track your use on Gizbot sites for better rendering. Our partners use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on Gizbot website. However, you can change your cookie settings at any time. Learn more