Banner graphic for SafeWise's Australian health insurance comparison

These 9 popular Android apps stole millions of Facebook passwords

The apps have a total of 5.8 million downloads.

Georgia Dixon
Jul 07, 2021
Icon Time To Read1 min read

We may earn money when you click our links.

Malicious apps on a Google Android phone

The Google Play Store is, unfortunately, no stranger to malicious app listings, from February's compromised QR code scanner to a massive 56 malware-infected apps in March. The most recent breach, reported by Ars Technica, has led to Google removing nine apps (with a total of 5.8 million downloads between them) for reportedly stealing users' Facebook login information.

The nine apps in question appeared to offer a legitimate, functional service in order to gain users' trust before stealing their data via a genuine-looking Facebook login form. The trojan malware also stole users' cookies and sent them to cybercriminals. Malware analysts Doctor Web made the discovery and reported it to Google, who promptly removed the malicious apps.

If you recognise any of the below apps, you may find they have already been deleted from your device. If not, you can delete them manually.

Ironically, three of the nine malicious apps (App Lock Keep, App Lock Manager and Lockit Master) were touted as security apps. There were also two photo editing apps (PIP Photo and Processing Photo), two horoscope apps (Horoscope Daily and Horoscope Pi), one file cleaner app (Rubbish Cleaner) and one workout app (Inwell Fitness).

For many people, the appeal of Android is its open-source nature and customisability. However, in recent years, it's become the operating system's Achilles heel - one which Apple has happily taken advantage of with its increasingly strict App Store and privacy protections.

Short of switching from Android to iPhone, the best thing Android users can do to protect themselves from damaging software is to be wary when downloading and updating apps and games (particularly those supported by ads). It's also important to ensure you update your device's operating system as soon as updates become available, as many contain essential security patches.

The latest breach is also a reminder that, even if an app has millions of downloads, it doesn't necessarily mean it's safe. If you suspect you may have been hit by a scam, check out this great article on Verified.org about reporting scams in Australia.

Georgia Dixon
Written by
Georgia Dixon
Georgia Dixon has over seven years' experience writing about all things tech, entertainment and lifestyle, with bylines in TechLife magazine, 7NEWS and Stuff.co.nz. In her spare time, you'll find her playing games and daydreaming about good food, wine, and dogs.

Related Articles

Photograph of the orange Wyfibox sitting in a potplant
Wyfibox review
Panacea in my pocket.
Photograph of the Hubbl Glass Smart TV in action
Foxtel’s Hubbl TV will officially launch on the 10th of March
Hubbl will be available at JB HI-FI and Harvey Norman.
DJI Osmo Pocket 3
DJI Osmo Pocket 3 review: Atypical camera, awesome results
This gadget lets you take video stabilisation into your own hands.
OPPO Air Glass 3
OPPO’s prototype smart glasses are starting to feel real
Another MWC, another set of OPPO smart-glasses.