More than 200 Android apps on the Play Store were found distributing spyware called Facestealer that is used to steal sensitive data.
Trend Micro researchers spotted over 200 Android apps on the Play Store distributing the spyware that can steal sensitive data from infected devices. The malicious apps can also steal credentials, Facebook cookies, and other personally identifiable information.
Some of the malicious apps that were discovered by the experts have been installed over a hundred thousand times.
The Facestealer spyware which was first spotted in July 2021 by Dr. Web researchers refers to a group of fraudulent apps that invade the official app marketplace for Android with the goal of stealing sensitive data such as Facebook login credentials.
Most of the malicious apps were VPN software (42), Camera (20), and Photo Editing (13). The researchers also spotted 40 fake cryptocurrency miner apps that are variants of similar apps that they discovered in August 2021. The apps deceive users into subscribing to paid services or clicking on ads.
According to a report published b Trend Micro, Facestealer apps are disguised as simple tools — such as virtual private network (VPN), camera, photo editing, and fitness apps — making them attractive to persuade the users who use these types of apps. With the fake cryptocurrency miner apps, their operators not only try to make profit from their victims by duping them into buying fake cloud-based cryptocurrency-mining services, but they also try to harvest private keys and other sensitive cryptocurrency-related information from users who are interested in what they offer.