Researchers have uncovered a malicious app in the Google Play store. Titled “Craftsart Cartoon Photo Tools,” the app converts images into their cartoon versions — and also steals users’ Facebook login data.
The app has been removed from the store, but it had already been installed over 100,000 times.
It’s far from the first time a Google Play malware app has spread far and wide through the online store (Squid Game-themed malware was big for a while), so consider this your reminder to weed out any old apps that aren’t from trustworthy brands. Let’s be honest, you probably never use them anyway.
The Scam
This time around, security researchers at the mobile security firm Pradeo were the ones to identify the malware and how it works.
The app uses a trojan called “FaceStealer” to display a Facebook login screen, and it requires users to enter their login data before they can use the app, Bleeping Computer reports. The login is real (unlike some big phishing scams), but the app also sends the information to a server where the attackers can collect it.
The app also collects and steals additional data after that, so here’s hoping the 100,000 victims can identify and delete the app today.
Facebook Passwords Are Big Targets
When was the last time you changed your Facebook password? Plenty of people set it and forget it, staying permanently logged in on their devices, and that means that a stolen Facebook credential has a long shelf-life. Fake apps that hoover up Facebook data are easy ways to collect useful personal information, and many of them reel in a lot more than just 100,000 victims.
Last year, a group of nine apps was pulled from the Play store for stealing Facebook passwords — after they’d been downloaded a collective total of over 5.8 million times.
Part of the problem is the wild west of the Google Play store, which is lightly curated rather than closely watched. As Tech.co writer Duncan Lambden explained it last October:
“Google’s Play store is a lot less curated than Apple’s App Store. Developers can essentially post anything on the Play Store with little resistance, as long as it’s not blatantly illegal. Any uploaded app will undergo an automated check for any kind of virus-like code, but developers are constantly finding ways around these checks.”
The trustworthy Google brand can make its app store appear safe and secure, but the fact that Google Play is so often ground zero for these malware incidents indicates otherwise.
Staying Safe
First, change your Facebook password every so often — this is also good practice for every online account you use, and the longer the password, the better.
Yes, it’s a pain to do, but with a decent password manager, you won’t have to remember every single new phrase you come up with. We’ve rounded up the top management tools to consider for your Android phone.
And, while installing a fun new app, check that it’s from a brand you trust. And when it comes to the novelty single-use apps, consider just skipping them entirely. You can probably find a cartoon filter on a major app if you’re committed to seeing the Toontown version of yourself.