How to identify and Remove Android Apps that are Stealing Facebook Login Information?

Controversy and Facebook are becoming inseparable. But this time, it is not Facebook’s fault. Some of the Android apps are found that they are stealing your Facebook login information when you install them on your Android mobile. Unfortunately, The apps are not third-party apps. They are installed from Play Store. Even if Google removed those apps now, You might install the app on your mobile. It is wise to check whether you installed the apps or not on your mobile. Here we listed all Android Apps that are Stealing Facebook Login Information. When you find the apps are installed on your mobile, Follow our additional steps to take security measures.
Facebook App in the Play Store

You may not love to read this, but it’s very true. If you’re using any of these apps mentioned below, the chances are that your Facebook data has been accessed by an unauthorized person, or rather, some tricky app developers. Dr. Web’s recent check showed that several Android apps have trojans that steal their users’ Facebook login details, and we all know what that means.

Mainly, many of us prefer installing the app we use on our Android phones from Google Play Store. Yes, the app store is more reliable for downloading clean apps that do not contain viruses. However, Google’s algorithm may not properly scrutinize the many apps various developers upload to the app store. So these things are bound to happen, howbeit, once in a while.

List of Android Apps Was Deleted From Play Store For Stealing Users Facebook Login Information

Well, as it stands, Google has already removed the indicated apps from Play Store. But just in case you have them installed on your device, you need to uninstall them now and change your Facebook login credentials.

  • Rubbish Cleaner, developed by SNT.rbcl (100,000+ downloads).
  • PIP Photo, developed by Lillians (5,000,000+ downloads).
  • Horoscope Daily, developed by HscopeDaily momo (100,000+ downloads).
  • Processing Photo, developed by chikumburahamilton (500,000+ downloads).
  • Inwell Fitness, developed by Reuben Germaine (100,000+ downloads).
  • Lockit Master, developed by Enali mchicolo (5000+ downloads).
  • App Lock Keep, developed by Sheralaw Rence (50,000+ downloads).
  • Horoscope Pi, developed by Talleyr Shauna (1000+ downloads).
  • App Lock Manager, developed by Implummet col (10+ downloads).

How These Apps Steal Your Facebook Login?

  • Dr.Web confirmed that these apps actually work for the purpose they are created. The photo editing apps actually help you to edit your images, the fitness app works well, and every one of them works just fine for their various purposes.

However, these apps conceal staler trojans that hijack users’ Facebook credentials. Here’s how they work:

These trojans used a special mechanism that receives the necessary settings from one of the C&C servers upon launch. Afterward, they’d load the legitimate Facebook web page https://www.facebook.com/login.php into WebView. Next, they loaded JavaScript received from the C&C server into the same WebView. This script was directly used to highjack the entered login credentials. After that, this JavaScript, using the methods provided through the JavascriptInterface annotation, passed stolen login and password to the trojan applications, which then transferred the data to the attackers’ C&C server. After the victim logged into their account, the trojans also stole cookies from the current authorization session. Those cookies were also sent to cybercriminals.”

How to identify and Remove Facebook Login Stealing Apps?

This alert from DR Web calls for additional carefulness when installing apps from Play Store and when asked to log in to an app using your Facebook details. The detected Trojan malware has five (5) variants, which are Android.PWS.Facebook.13, Android.PWS.Facebook.14, Android.PWS.Facebook.15, Android.PWS.Facebook.17, and Android.PWS.Facebook.18.

  • Go to Settings>Apps.
  • Find any apps that have package names like Android.PWS.Facebook.
  • Remove the app.
  • Also, uninstall the App from the above-mentioned list.

How to Protect Your Facebook account after removing the Apps?

If you had installed any of these apps on your Android device, you should change your FB login credentials and set up 2FA. Follow the below steps one by one to secure your account. For user’s safety, Google has removed the apps from Play Store.

1.Logout of all Sessions

Facebook Logout of All Sessions

  • Go to your Facebook account> Settings>Security and Login.
  • Check with When you are logged in> Scroll down to the bottom and select “Logout of all Sessions.” It will log out your account from all devices. You can log in again when you need in your trusted devices.

2.Setup Strong Password using Password Generator

When your account is compromised, they already have your password. So, It is necessary to set up a strong password using combinations. It is a better idea to use an Automatic password generator. You can use Lastpass Generator or any other third-party site to get a Strong Password and Setup New password. You can chan get your password using the below step.

  • Go to your Facebook account> Settings>Security and Login>Change Password.

3.Revoke unnecessary permissions for third-party apps

Most of us may not know when you predict your character points or character predicts apps; They will ask your permission to know your additional details. Sometimes they may use this information somewhere else. So, It is necessary to revoke permissions from unknown third-party apps. When you have a Business page, check with the Automatic schedule post partner. Other than that, Revoke Unnecessary apps. Follow the below steps to revoke your permission.

Facebook Revoke Apps Permissions

  • Go to your Facebook account> Settings>Apps and Websites.
  • Remove unknown Apps.

4.Setup Two-factor Authentication

It is always a necessary security measure to protect your account using Two-factor authentication. When you set up automatic posts, you need to set up additional steps; for regular users, follow the below steps to set up Two-factor authentication.

Two Factor Authentication in Facebook

  • Go to your Facebook account> Settings>Security and Login> Two-factor Authentication> Edit.

Facebook Two Factor Authentication Apps Options

  • You can choose between App Passwords, Text Messages on your Mobile, and Physical Keys.
  • For regular users, Text Messages or App Passwords are enough. App Passwords are efficient. Text Messages sometimes may or may not receive, and it depends on the Network conditions.
  • You can use Google Authenticator or Authy to scan QR codes for Authentication App passwords.
  • For automatic posts using your Schedule post partner, you can generate App Passwords in the same section. You can use it instead of Facebook Password.

5.Enable Login Alerts

You should enable this to get the information when your Facebook account is logged in to unknown locations.

Facebook App Passwords

  • Go to your Facebook account> Settings>Security and Login> Get Alerts about unrecognized logins.

Wrap Up

Even if Google removed the Facebook login stealing apps from Play Store, When you installed the apps, they may record your password and send it to their server. So, It is necessary to take additional security steps to protect your account. Google Play Store has an in-built scanner that will check your mobile apps frequently. It is better when you don’t install unknown sources from outside other than Play Store. The Apps only have Passwords until now. So, When you quickly add additional protective layers, you can protect your account. When you use Two-factor authentication in any available apps, you can protect your account most of the time. Did you install any one of those apps? Did you any additional notice about the login alert? Share your experience below.

Source, (2)

Share This Post:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.