100K Google Play Users Downloaded This Password-Stealing Malware

The app uses a trojan called 'FaceStealer' in order to display a Facebook login screen that steals your data.
Adam Rowe

Researchers have uncovered a malicious app in the Google Play store. Titled “Craftsart Cartoon Photo Tools,” the app converts images into their cartoon versions — and also steals users' Facebook login data.

The app has been removed from the store, but it had already been installed over 100,000 times.

It's far from the first time a Google Play malware app has spread far and wide through the online store (Squid Game-themed malware was big for a while), so consider this your reminder to weed out any old apps that aren't trustworthy brands. Let's be honest, you probably never use them anyway.

The Scam

This time around, security researchers at the mobile security firm Pradeo were the ones to identify the malware and how it works.

The app uses a trojan called “FaceStealer” to display a Facebook login screen, and requires users to enter their login data before they can use the app, Bleeping Computer reports. The login is real (unlike some big phishing scams), but the app also sends the information to a server where the attackers can collect it.

The app also collects and steals additional data after that, so here's hoping the 100,000 victims can identify and delete the app today.

Facebook Passwords Are Big Targets

When was the last time you changed your Facebook password? Plenty of people set it and forget it, staying permanently logged in on their devices, and that means that a stolen Facebook credential has a long shelf-life. Fake apps that hoover up Facebook data are easy ways to collect useful personal information, and many of them reel in a lot more than just 100,000 victims.

Last year, a group of nine apps was pulled from the Play store for stealing Facebook passwords — after they'd been downloaded a collective total of over 5.8 million times.

Part of the problem is the wild west of the Google Play store, which is lightly curated rather than closely watched. As Tech.co writer Duncan Lambden explained it last October:

“Google's Play store is a lot less curated than Apple's App Store. Developers can essentially post anything on the Play Store with little resistance, as long as it's not blatantly illegal. Any uploaded app will undergo an automated check for any kind of virus-like code, but developers are constantly finding ways around these checks.”

The trustworthy Google brand can make its app store appear safe and secure, but the fact that Google Play is so often ground zero for these malware incidents indicates otherwise.

Staying Safe

First, change your Facebook password every so often — this is also good practice for every online account you use, and the longer the password, the better.

Yes, it's a pain to do, but with a decent password manager, you won't have to remember every single new phrase you come up with. We've rounded up the top management tools to consider for your Android phone.

And, while installing a fun new app, check that it's from a brand you trust. And when it comes to the novelty single-use apps, consider just skipping them entirely. You can probably find a cartoon filter on a major app if you're committed to seeing the Toontown version of yourself.


Adam is a writer at Tech.co and has worked as a tech writer, blogger and copy editor for more than a decade. He's also a Forbes Contributor on the publishing industry, for which he was named a Digital Book World 2018 award finalist. His work has appeared in publications including Popular Mechanics and IDG Connect, and he has an art history book on 1970s sci-fi coming out from Abrams Books in 2022. In the meantime, he's hunting down the latest news on VPNs, POS systems, and the future of tech.
