TRENDING ON ONEINDIA
- 2019 Lok Sabha — All You Need To Know
- Hero ISL To Resume From Jan 25th; Kerala Blasters To Face ATK
- Owning A Maruti Suzuki Is Now A Special Occasion — Here's How
- Asus ZenFone Max M2 — Detailed Review
- Why Cheat India — Movie Review
- 7 Best SBI Mutual Fund Schemes To Invest Through SIP
- Benefits Of Drinking Black Coffee
- Vikramshila — The Forgotten University In Bhagalpur, Bihar
Be it Facebook or Instagram, most of us are too busy sharing moments from our life on various social media platforms. All these social media platforms claim to keep your passwords safe and secure. However, it seems like the reality is a bit different.
There may be many apps that secretly steals your password. Google removed a total of 85 Android apps from the Play Store after it was discovered that they are infected with malware capable of stealing social network passwords from users' devices. What's ironical is that the compromised apps were discovered by Kaspersky, the Russian cybersecurity company, whose software was recently banned in the US.
The ban came after the company was accused of having ties with Kremlin, and the malware was affecting users of the Russian social network VK. Anyway, the compromised apps were available for download in the Google Play Store.
It is worth noting that one of those apps recorded more than 1 million downloads. Named as "Mr President Rump," this particular app was a game that was released in the Play Store in March this year. Within months, its download count skyrocketed. Rest of the apps have been in the Play Store for around two years, with the download count ranging between 1,000 and 100,000.
The infected apps came with an option to authenticate on VK (the Russia-based social network) for various purposes, and asked users to provide their usernames as well as passwords. However, it is quite common for games to include Facebook or any other social media functionality for additional features like sharing high scores or gaining access to premium content.
According to Kaspersky security researcher Roman Unuchekl, malware writers probably wanted to use the stolen VK credentials to increase the number of members of groups or posts.
"These cybercriminals were publishing their malicious apps on Google Play store for more than two years so they had to modify their code to bypass detection. We think that cybercriminals use stolen credentials mostly for promoting groups in VK.com. They silently add users to promote various groups and increase their popularity by doing so," he said in a statement.
The malware was said to be targeting devices with languages where VK is a popular social network, including Russian, Ukrainian, Kazakh, Armenian, Romanian, Azerbaijani to name a few.
While the apps have already been pulled down from the Google Play Store, users are recommended to change their credentials.