Google removed 25 apps from the Google Play store that were capturing user Facebook login information.
The applications, which pretended to be photo editors, file managers, flash apps, mobile games, among others, were created by the same developer, Rio Reader LLC. Together, the 25 apps exceed 2 million downloads.
According to a research report cited by ZDNet, the apps worked legitimately, but in the background they analyzed the apps running on the phone. If the recently launched or background app was Facebook, the malicious app displayed a Web page posing as the official Facebook login.
If a user didn’t detect that it was a fake page, they could enter their login details, which were sent to a now inaccessible server, says ZDNet.
According to the report, the 25 applications were reported since May by an investigative firm. Google removed the apps in early June, although some of the noted apps were available for more than a year, says ZDNet.