Skip to content

Google kicks app with 5.8M downloads for stealing Facebook logins

Photo editors, horoscopes, and fitness apps amongst the genres found to be intercepting Facebook login data across nine apps.

Seamus Byrne
Seamus Byrne
1 min read
Google kicks app with 5.8M downloads for stealing Facebook logins

Researchers found a number of fully authorised apps in the Google Play Store were found to be stealing user credentials for Facebook in otherwise fully functional apps for tasks like photo editing, fitness, horoscopes and even the classic vector for dodgy things – pretending to help you clean up other dodgy things off your phone.

After researchers from security firm Dr. Web alerted Google to the problem apps, they were all removed. But they were vetted as clean apps by Google the first time around... so there's that...

The nine apps were:

  • Processing Photo
  • App Lock Keep
  • Rubbish Cleaner
  • Horoscope Daily
  • Horoscope Pi
  • App Lock Manager
  • Lockit Master
  • Inwell Fitness
  • PIP Photo

That last, PIP Photo, was the most downloaded with 5.8M, while the others ranged from 10 to 100,000 downloads.

The apps were largely appearing to be advertising supported, with an offer to remove the ads by asking you to login to Facebook. But the Facebook login was hijacking the user credentials during this authorisation process.

As ever, stay careful out there, and don't trust reviews or download numbers alone. These apps really worked and did what they said they did, so don't think you'll see flashing lights saying 'SCAM' to warn you something is up.


Seamus Byrne Twitter

Founder and Head of Content at Byteside.

Related Posts

Members Public

Maintaining a clear sense of the future

In 1999 I completely dismissed the importance of flash memory cards as a storage medium for the future. It taught me big lessons on how to consider a technology's long-term potential.

An advanced robot looks toward a sunset from a mountain above a city skyline.
Members Public

Building a 21st Century knowledge engine

ChatGPT reveals the potential for a Knowledge Engine that can speed up our ability to learn.

Building a 21st Century knowledge engine
Members Public

Welcome to Dragon Talk: D&D's Shelly Mazzanoble & Greg Tito visit Byteside

We're talking to the co-hosts of the official Dungeons & Dragons podcast about their new book looking back at how the show came to mean so much to the D&D community.

Part of the bright red book cover art, saying "Welcome to Dragon Talk: Inspiring Conversations About"