Google is still racing to remove Android apps that violate major privacy laws. According to Ars Technica, Google has removed nine apps from the Google Play Store after Dr. Web analysts discovered they were trojans stealing Facebook login information.
The malware had over 5.8 million combined downloads and posed as easy-to-find titles such as “Horoscope Daily” and “Rubbish Cleaner.”
The apps would also steal authorization session cookies. In each case, Facebook was the intended destination, but the creators could easily have directed users to other internet services.
Google told Ars that it had banned all of the app developers from the store, which may not be much of a deterrent given that the perpetrators can easily create new developer accounts. To keep the attackers out, Google may need to screen for malware.
The question is, of course, how the apps accumulated as many downloads as they did prior to the takedown. Google’s largely automated screening keeps a lot of malware out of the Play Store.
The subtlety of the technique may have allowed the rogue apps to slip past these defenses, leaving victims unaware that their Facebook data had been compromised.
Whatever the reason, it’s safe to say that downloading utilities from unknown developers, no matter how popular they appear, should be avoided.