Facestealer Malware Infected More than 200 Apps in the Google Play
Trend Micro analysts have noticed that the Facestealer malware continues to infiltrate the Google Play Store. For example, more than 200 variants of malware were recently discovered in the official app store. Currently, the malware has already been removed from the Google Play Store.
Recall that Facestealer was first detected back in 2021, and in March of this year, information security specialists from Pradeo found infected applications in the Google Play Store that were installed more than 100,000 times.
Let me remind you that we also wrote that SharkBot Trojan Again Infiltrates the Google Play Store.
As the name implies, Facestealer is designed to steal logins and passwords from Facebook accounts, which are then used by attackers for phishing, publishing fakes, and as advertising bots.
As Trend Micro now reports, some of the apps they found have been installed over 100,000 times.
The report notes that Facestealer-infected apps often look like photo editing, processing, or sharing tools, but can also take other forms. For example, researchers talk about Daily Fitness OL, which is advertised as a fitness app with exercises and video tutorials.
This fake fitness app prompts users to log in to Facebook through the built-in browser, and then a JavaScript code is “injected into the loaded page to steal the credentials entered by the user.”