Watch Out! These Android Apps Will Steal Your Passwords and Crypto

A new report finds that spyware-riddled apps on the Google Play Store "have been installed over a hundred thousand times."

It might be time to do a quick audit of your lesser-known Android apps, as a new report found that hundreds of malicious apps are delivering spyware to thousands of devices around the world to steal passwords and cryptocurrency.

The app store is filled with millions of apps with a myriad of different functions, but that doesn’t mean all of them are safe to use. In fact, there are some substantial security threats on both Apple’s App Store and the Google Play Store, so being wary of which apps you download could save you some serious trouble.

At least your search for malicious apps has been made a bit easier, as a new report has identified some apps that you should make sure to delete immediately.

Trend Micro Report Discovers Malicious Android Apps

The report from Trend Micro found that a number of spyware-riddled apps on the Google Play Store “have been installed over a hundred thousand times” with the goal of “stealing user credentials and other sensitive user information, including private keys.”

One such piece of spyware, dubbed Facestealer, is aimed at stealing the Facebook credentials of those that download an infected app. As for how many actual apps are out there pinching your password, it’s kind of a lot.

“During our recent research into malicious mobile apps, we encountered more than 200 additional apps of the Facestealer spyware.”

That’s not all, though. The Trend Micro report also found upwards of 40 crypto miner apps that are designed to “deceive users into buying paid services or clicking on ads by luring them in with the prospect of bogus cryptocurrency earnings.” However, once you connect your wallet to the service, the malicious actors steal your private key, leaving your cryptocurrency extremely vulnerable to theft.

How to Avoid Malicious Apps

For more information about which apps to avoid, check out the Trend Micro report, which offers a few indicators of compromise to better secure your devices, passwords, and cryptocurrency wallets.

The report also provides a few common best practices that should provide you with a little more insight into how your online security can be improved. Here are some of the tips they suggest:

  • Check app reviews – Scam apps are notorious for having questionable reviews, so check the negative reviews to see if anyone else has had a bad experience before you download
  • Research developers and publishers – Even if they don’t have a bad review, a developer or publisher could have a bad reputation for scam apps
  • Avoid third-party sources – There are plenty of legitimate apps out there for whatever you need, so there’s no need to venture into the world of third-party apps

Additionally, signing up for online security tools like antivirus software can make a big difference for all your devices. They can identify malware, spyware, and other online threats, so that your devices aren’t at risk of being infected.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at

Written by:
Conor is the Lead Writer for For the last six years, he’s covered everything from tech news and product reviews to digital marketing trends and business tech innovations. He's written guest posts for the likes of Forbes, Chase, WeWork, and many others, covering tech trends, business resources, and everything in between. He's also participated in events for SXSW, Tech in Motion, and General Assembly, to name a few. He also cannot pronounce the word "colloquially" correctly. You can email Conor at
Explore More See all news
Back to top
close Thinking about your online privacy? NordVPN is's top-rated VPN service See Deals