The anti-virus company Dr.Web reported that there are at least 9 applications on Google Play that found malicious code. It can be used to hijack Facebook and other social media accounts.
The list of applications looks like this:
- Processing Photo
- PIP Photo
- Rubbish Cleaner
- App Lock Keep
- App Lock Manager
- Lockit master
- Horoscope pi
- Horoscope daily
- Inkwell fitness
Some have reportedly been downloaded nearly 6 million times. Others several hundred times. However, they are all dangerous.
The deception scheme worked like this: the user was offered to connect advanced options and get rid of ads by logging in through Facebook. However, after that, they were redirected to a fake social network login page, from where the data was transferred to hackers.
At the moment, apps have been removed from Google Play, but they need to be removed from devices as well.