Delete these Android apps before they steal your Facebook password and crypto

by techlowdown · 17 May 2022

If you tend to be constantly worried about the security and privacy of your data when using your mobile phone, we’re afraid today is going to be yet another one of those days.

It might be a good idea to sit down, take a deep breath, and make sure your heart medication is up to date before moving on to the next paragraphs of this article or browsing the latest Trend Micro report detailing the highly intrusive and decidedly malicious behavior of a fresh batch of “more than” 200 apps carrying a type of spyware known as “Facestealer” into hundreds of thousands of Android devices.

On top of that, the same cyber security software company caught “more than 40 fake cryptocurrency miner apps” red-handed as they tried (pretty transparently) to steal people’s hard-earned crypto money, as well as various other types of sensitive information without any form of user permission.

Here are just some of the apps you should uninstall ASAP

Daily Fitness OL
Enjoy Photo Editor
Panorama Camera
Photo Gaming Puzzle
Swarm Photo
Business Meta Manager
Cryptomining Farm Your own Coin

If that list feels just a tad shorter than one you’d expect to include 240+ titles, congratulations, your basic math skills are on point. Joking aside, these are unfortunately the only new apps explicitly named and shamed by Trend Micro, which are basically offered as general examples of titles you should look to stay away from in principle.

The good news is all seven of these malware-carrying apps, as well as the titles not made public in this report, have promptly been kicked out of the Play Store as soon as Google was informed of their true intentions and data-stealing capabilities.

The bad news is that doesn’t solve the obvious violation of privacy problem for all the Android users who installed these apps prior to this disclosure. In addition to deleting all the culprits on the above list you can find on your phone, it’s probably wise to change your Facebook password and any other login credentials for other popular apps and services you might have stored on your device while using these apps. Pronto!

What to watch out for going forward

Unfortunately, that’s not a foolproof solution to this particular scourge or similar security hazards like widespread Joker campaigns, as evidenced by the solid 4.5-star average of Photo Gaming Puzzle and Swarm Photo or the decent 4.1 score of Enjoy Photo Editor, a malicious app that managed to break the 100,000 install barrier before exiting the Play Store.

It’s probably a good idea to stay away from sketchy or unpopular VPN, camera, and photo editing apps.

Of course, there are plenty of Android “photo editors” around with even higher user rating scores and higher installation numbers, and as much as you might like to be “original” and defy trends, it’s generally safer to opt for mobile tools and services verified and praised by as many people as possible.

That is, if you like to keep your Facebook credentials a secret from bad actors who might use them in all sorts of shady ways, including to try to break into other apps and services sharing the same password to steal even more info and then sell it to the highest bidder.

As far as fake cryptocurrency miner apps are concerned, our general advice is even easier to follow. You should never, ever, ever, ever trust any such platform (especially one with an unverified and unverifiable track record) with even a dollar’s worth of your crypto or you’ll risk losing… everything in your wallet.