That our electronic devices are infected by any type of virus or malware is one of our most frequent concerns. They steal our most personal data, our email access account, they steal confidential information and much more. of more inconveniences. The Google Play Store is usually a place where these types of threats are hosted, so you have to be very careful with the applications that you download from the Google store.
A malicious Android app that steals Facebook login credentials has led more than 100,000 users to install it on their Android devices. Also, it is still available for download.
This is the FaceStealer Trojan
This Android malware is disguised as a cartoon app called “Craftsart Cartoon Photo Tools” , a type of application that is very fashionable and that allows us to upload our own image to turn it into a cartoon.
Last week, security researchers at Pradeo discovered that the Trojan housed within this app is capable of displaying a Facebook login screen for users to log in to access the app. According to Jamf Michal Rajčan, a security researcher, when a user enters their login credentials, the data is sent to a malicious server where attackers can then retrieve the information. Furthermore, the malicious Android app will connect to the URL of www.dozenorms[.]club, an address where the data is sent and which has also been previously used to promote other malicious FaceStealer Android apps.
As Pradeo explains in a report , “The author and distributor of these apps appears to have automated the repackaging process and injected a small piece of malicious code into a legitimate app.” Once logged in it will provide limited functionality by uploading a specific image to the online editor, http://color.photofuneditor.com/, which will apply a graphics filter to the image. An image that the user can download and send to their contacts. Since we have become accustomed to having to log in to a server to access many of the apps available in the Play Store, it is very easy to fall for this threat , since we do not check or suspect that logging in, apparently through of Facebook, could become a problem for us.
App “Craftsart Cartoon Photo Tools”
Beware of cartoon apps
Despite being fun applications with which we can acquire cartoon features, it is recommended that users be careful with them, since they require us to enter confidential information such as our biometric data, that is, a photo of our face. By sharing on a remote server we run the risk that our photo may be kept indefinitely, shared through other means or resold.
Unfortunately, it is more common than we would like for these kinds of malicious apps to sneak into the Google Play Store and install themselves there until users uncover them by giving bad reviews . As shown in the following image, the reviews in the case of “Craftsart Cartoon Photo Tools” are especially negative, not exceeding a 1.7 score.
Negative reviews on the Play Store
In addition, another piece of information that should alarm us is that the contact details of the app indicate a Gmail email address of a random person. For his part, Pradeo informed Google of the malicious nature of the application, so it should disappear shortly. If you have it installed on your Android mobile or tablet, delete it immediately and change the password to access Facebook. For added protection, you should also turn on 2-Step Verification.