Security researchers found more than 200 Android apps compromised by the Facestealer spyware. Hundreds of these apps are used by cybercriminals to steal login credentials such as passwords and other valuable information.
Facestealer is a spyware that was first reported by Doctor Web in July 2021. The application that spreads this spyware is designed to steal sensitive data, such as Facebook passwords.
"Similar to Joker, another type of mobile malware, Facestealer often changes its code so that it gives rise to many variants," said Trend Micro analysts in the report, as quoted by The Hacker News, Thursday (19/5/2022).
"Since its discovery, this spyware has continued to haunt Google Play," he continued.
Of the 200 apps that Trend Micro found, 42 were VPN service provider apps. Meanwhile, 20 others are camera applications, 13 are photo editing applications, and another 125 are in the miscellaneous category.
In addition to stealing login credentials, these hundreds of apps are also designed to collect Facebook cookies and personally identifiable information associated with victims' accounts.
Not only applications that were compromised by spyware, Trend Micro also found more than 40 malicious crypto miner applications. These apps trick users into buying paid services or clicking on ads with the lure of fake crypto tokens.
Some of the found malicious crypto mining apps, such as Cryptomining Farm Your own Coin, can even steal the mnemonic phrases normally used to recover crypto wallets when they are lost.
Trend Micro did not reveal the names of the hundreds of malicious apps they found. But there are some applications that they highlight which are:
Daily Fitness OL
Enjoy Photo Editor
Panoramic Camera
Photo Gaming Puzzle
Swarm Photo
Business Meta Manager
Cryptomining Farm Your own Coin
Currently these apps have been removed from the Play Store after Google learned of their original purpose. But users who have already downloaded these apps are advised to immediately delete them from their phones and change their Facebook passwords.
To avoid apps that carry malware and spyware, users are advised to always check the reviews on the app store and the reputation of the developer. Users are also advised not to download apps from third-party sources as unofficial app stores like these are used to spread malicious apps.