Malware-loaded Google Play app with 100,000 downloads caught stealing Facebook passwords

In a nutshell: This is not the first time Google has removed an app from the Play Store after finding malware in it. An app that has been downloaded over 100,000 times was able to steal mobile users’ Facebook login credentials.

French mobile security company researchers Pradeo revealed that the Craftsart Cartoon Photo Tools app contains a version of Android malware called Facestealer.

As with similar malware, Craftsart Cartoon Photo Tools delivered some of the promised features. It converted photos into cartoon or drawing-style images – there are plenty of apps available that do the same – though some reviews say it just added a filter to images. However, it included a small snippet of code that could steal users’ Facebook login credentials, thereby gaining access to their accounts and any other services that might reuse the same login/passwords.

The app performed this act of theft by directing users to a legitimate Facebook mobile login page when opened, but “injected malicious JavaScript” steals the login credentials and sends them to the C&C server. The Russian-registered domain to which the app connected was intermittently used for seven years as the command and control address for a variety of malicious Android apps.

Stolen credentials can be used to access Facebook accounts and all the personal information they contain. Hackers may also try to trick victims’ friends by sending them fake messages.

“Cybercriminals use Facebook credentials to compromise accounts in a variety of ways, the most common of which are financial scams, sending phishing links, and spreading fake news,” writes Pradeo.

We are seeing an increase in malicious apps that bypass Play Store security and download hundreds of thousands of times. They often achieve this by mimicking the features of popular apps and carefully hiding the little malware they contain, as was the case with the Joker-infected Color Message app, downloaded 500,000 times before it was removed in December.

The best way to avoid these malicious apps is to check the reviews. Many who downloaded Craftsart Cartoon Photo Tools identified it as a fake or some kind of scam – it also had a 2.1 star rating – but it still managed to get 100,000 downloads.

Source link

Leave a Reply

Your email address will not be published.

Back to top button