Last month, Google removed 25 Android apps from its Google Play Store after discovering they were stealing users’ Facebook account credentials.
The malicious apps, identified by security company Evina, appeared to be created by the same developer, Rio Reader LLC, and were downloaded more than 2.34 million times before Google decommissioned them.
The apps, which mimicked legitimate applications such as step counters, image editors, video editors, wallpaper apps, flashlight apps, file managers and mobile games, shared the same malicious code, enabling them to steal login credentials of any Facebook user.
