Tech Gaming Report

Latest Tech & Gaming News

Caution: This Android App Steals Your Data - Over 100,000 Downloads

Caution: This Android App Steals Your Data – Over 100,000 Downloads


An app containing a dangerous Trojan horse was available for download on Google Play. The app cleverly disguises itself by delivering the functionality it promises. It has been downloaded from Google Play over 100,000 times.

An Android app was distributed via Google Play that specifically steals Facebook account login details on Android devices. the

reported
the US IT security news site Bleepingcomputer.

The app is Craftsart Cartoon Photo Tools. This is supposed to allow you to upload a photo and turn it into a cartoon. Google has since removed the dangerous app from Google Play, but it was previously installed more than 100,000 times.

The security company Pradeo had

discovered
that in this application the

Trojan face stealer
It is hidden. Shows a Facebook login screen when the app starts. Users must first enter their Facebook login details to use Craftsart Cartoon Photo Tools. The application then sends the entered login data to a “Command and Control” server in Russia and to other third-party sites.

This is how cleverly malware camouflages itself

The malware represents only a small part of the application’s source code, which is otherwise flawless. Tampered with in this way, the app then passed the Google Play verification process. The app is also cleverly camouflaged when in use: After you’ve entered your Facebook login details, the app offers the option to upload a photo to an online editor. A graphic filter is then applied to the photo there. The image modified in this way is displayed in the application and can be downloaded and sent. So the app seems to work and the user probably doesn’t suspect a thing.

This is what you should do if you have already downloaded the application

Uninstall the app and change your Facebook credentials instantly!

Also, make sure to set up two-factor authentication for Facebook.

How to protect yourself from nasty Android apps

Basically, you just have to download Android apps from Google Play. But in this specific case, even that didn’t protect. So always be very careful when you need to enter your data in an application. Use only popular apps with a wide user base and always read user app reviews on Google Play before downloading. For “Craftsart Cartoon Photo Tools”, for example, these were very negative. Please also read the developer information available on Google Play and check if the email address provided there exists or if your email is being retrieved as undeliverable.