Google has recently removed 25 chienese applications from its Play Store after French cyber-security firm Evina claimed that they stole Facebook credentials of users. The firm even mentioned that by the time they were taken down, these 25 apps were downloaded some 2.34 million times in total. Also mentioned was that these apps were created by the same group. 


And while all of them seemed different in offerings and features, they served the same purpose under the hood. These apps were from different genres, as reported by ZDnet. While some were step counters, image editors, video editor apps, others were wallpaper apps, flashlight applications, file managers, and mobile games.


Here is the list of apps that have now been removed from the Google Play Store:


Super Wallpapers Flashlight


Padenatef


Wallpaper Level


Contour level wallpaper


Iplayer & iwallpaper


Video maker


Color Wallpapers


Pedometer


Powerful Flashlight


Super Bright Flashlight


Super Flashlight


Solitaire


Accurate scanning of QR code


Classic card game


Junk file cleaning


Synthetic Z


File Manager


Composite Z


Screenshot capture


Daily Horoscope Wallpapers


Wuxia Reader


Plus Weather


Anime Live Wallpaper


iHealth step counter


Com.tyapp.fiction


Out of these, Super Wallpapers Flashlight and Padenatef were the only apps that were downloaded 500,000 times. Most were downloaded 100,000 times while the last three were downloaded roughly 100 times.


These apps included malicious code that detected which app is opened in the background and foreground. If it was Facebook, the malicious app will show an overlaid web browser window on top of the Facebook app and load the fake login page. The user then gives his/her credentials thinking of it as a legit page.


All these apps were reported to Google in May and the company removed these apps earlier this month. Although the Play Store is now slightly more secure with these apps gone, what however still remains a question is that despite Google’s stringent processes of approving apps, how are such app still making their way to the Play Store.