At least 85 applications have been found in Google Play Store that are a threat to the cyber-security of the people who download them. Hacker News reports that the apps were “designed to steal credentials from users of Russian-based social network VK.com and were successfully downloaded millions of times.”
One of the apps was a gaming app that was downloaded over a million times. According to researchers, some of the more popular apps that were downloaded by users included, “seven apps with between 10,000 and 100,000 installations, nine with between 1,000 and 10,000 installations, and rest of all had fewer than 1,000 installations.”
The news site also reported that the information stolen through the apps was used by cybercriminals to promote groups and increase their popularity. This is accomplished by adding new users to the groups via the stolen information.
Hacker News suggests that to avoid having your credentials stolen in these kinds of scams is to be vigilant when downloading apps, verify app permissions, and check the apps reviews before downloading them.