These applications steal passwords from Facebook. Don’t have them on your mobile?

Google removed 9 apps from Google Play after it was discovered that users were stealing login information from Facebook. To this day, they also have several million downloads and at first glance it might seem that this is a completely legitimate application.

Applications steal passwords from Facebook

Security company Dr.Web has revealed that these applications use a relatively sophisticated JavaScriptwhich prompted the user to submit login information. Most of them contained ads and to remove them, all you had to do was link the application to your Facebook account. After the user accepted this offer, he was presented with a real form asking for user data from Facebook, and then the user really logged in to this social network. The form as such was therefore legitimate. Directly to However, Android WebView added JavaScript, which stole user data and sent it directly to the developers’ servers.

• PIP Photo (over 5,000,000 downloads)
• Photo Processing (over 500,000 downloads)
• Rubbish Cleaner (over 100,000 downloads)
• Inwell Fitness (over 100,000 downloads)
• Horoscope Daily (over 100,000 downloads)
• App Lock Keep (over 50,000 downloads)
• Lockit Master (over 5,000 downloads)
• Pi Horoscope (over 1,000 downloads)
• App Lock Manager (10 downloads)

After learning about these applications, Google immediately downloaded them from Google Play and prevented publishers from publishing other applications. Therefore, if you have installed one of the above applications on your phone, delete them immediately and change your Facebook password.

Have you ever encountered theft of login details?

Source: XDA-Developers