Watch out for this latest Android malware on Google Play

These fake apps can steal your social media passwords.

Over 200 android apps on the Google Play Store have been found to have distributed malware that can steal your personal information, hijack your social media passwords by forcing fake logins, and steal your seed phrases to siphon off your cryptocurrency investments.

According to a report by Trend Micro, more than 200 Android apps masquerading as VPN, photo editing, and fitness apps were found to be distributing a dangerous mobile malware called Facestealer.

First discovered by security researchers at Doctor Web Anti-Virus back in July 2021, Facestealer was found in 10 apps that had reportedly stolen the Facebook login credentials of multiple users before being removed from Google Play Store.

“The Facestealer spyware was first documented in July 2021 in a report by Dr. Web detailing how it stole Facebook credentials from users via fraudulent apps from Google Play,” wrote Trend Micro. “These stolen credentials could then be used to compromise Facebook accounts for malicious purposes such as phishing scams, fake posts, and ad bots. Similar to Joker, another piece of mobile malware, Facestealer changes its code frequently, thus spawning many variants. Since its discovery, the spyware has continuously beleaguered Google Play.”

“During our recent research into malicious mobile apps, we encountered more than 200 additional apps of the Facestealer spyware in the Trend Micro Mobile App Reputation Service (MARS)  database.”

Of the 200 apps, 42 were disguised as VPN services, 13 were impersonating as photo editing applications, 40 were found to be fake cryptocurrency miner apps and 20 were masking as camera applications.

All 200 apps have now been removed from Google Play and other download sources. However, these apps were able to rack up thousands of downloads before getting banned from the platform.

How to avoid malware on Google Play Store?

1. Always check the developer/publisher and number of downloads. Apps with a recognised developer/publisher and large number of downloads are usually legitimate.
2. Only malicious apps will ask for excessive permission. VPN apps do not need permission for camera, microphone and photos, for instance.
3. If an app requires “additional downloads” from third-party sources or tries to sideload a different app, please steer clear of the app.
4. Read the app’s reviews. Always check to see if there are any strange user concerns or experiences with the app.
5. Do not download apps from third-party marketplaces.

Remember that even though Google Play has built-in anti-malware safeguards, these malicious app developers can trick Google into believing that their apps are safe. So, it is up to the user to do the due diligence and to be extra careful when downloading strange apps from the Google Play Store.