Android malware disguised as a cartoonifier app infects 100,000+ devices

Android Malware

A malicious Android app that steals Facebook credentials managed to get into Google Play Store and has already been installed over 100,000 times. The app is called Craftsart Cartoon Photo Tools and claims to be a cartoonifier app where users can upload a photo and convert it into a cartoon.

The app includes FaceStealer trojan that steals Facebook login credentials. Security researchers at mobile security firm Pradeo discovered this malicious app and reported it to Google. He noted that the app displays a Facebook login screen before users can use the app. Once a user enters login details, it is sent to a command and control server.

Craftsart Cartoon Photo Tools

After Pradeo reported the app, Google removed it from the Play Store. If you are one of those people who installed the app, remote it now and change your Facebook password.

To boost app downloads, the app listing includes h developer’s name as ‘Google Commerce Ltd’. Many people could think it as an app from Google and trust it. The privacy policy is hosted on Blogspot and lists a fake email address for contact.

Google tries a lot but malicious apps manage their way into Google Play Store. So, you should always be careful while installing an app on your phone. Take a proper look at permissions the app asks for and avoid adding confidential information.

Share this article
Shareable URL
Prev Post

Realme GT Neo3 with 6.7-inch 120Hz AMOLED display, up to 150W fast charging announced

Next Post

Twitter app now lets users create GIFs using the iOS camera

Leave a Reply
Read next
Subscribe to our newsletter
Get notified of the best deals on our WordPress themes.
0
Share