Mobile cybersecurity researchers discovered a harmful Android app on the Google Play Store that steals users’ Facebook credentials to gain full access to their data, including credit card details, conversations, searches and more.
Cybersecurity company Pradeo detected the malicious Android app, discovering that it uses social engineering techniques to steal Facebook credentials and make connections to a Russian server. More than 100,000 users have the app installed, but the company has reported the app has now been removed from the Google Play Store.
The Android app, known as “Craftsart Cartoon Photo Tools,” disguised itself as a legitimate photo-editing application. As Pradeo states, it holds a small piece of code that slips under the radar of the Google Play Store’s security. What’s more, it embeds an Android trojan known as Facestealer.
Once a user launches the app, a Facebook login page opens and blocks the user from using the app until they enter their username and password. If they do, this information is automatically transmitted to the hackers.
“The application Craftsart Cartoon Photo Tools makes connections to a domain registered in Russia,” states cybersecurity researcher Roxane Suau. “Our research shows that this domain has been used for 7 years on and off, and is connected to multiple malicious mobile applications that were at some points available on Google Play and later deleted.”
Suau continues: “To maintain a presence on Google Play, repackaging mobile apps is common practice for cybercriminals. Sometimes, we even observed cases in which repackaging was entirely automated.”
While the Android app has now been removed from the Google Play Store, it’s a good idea to check whether it is still installed on your phone and delete it if it is.
This isn’t the only malware threat spotted this month, as hackers have also found a way to infiltrate iPhones using Apple’s own developer tools. What’s worse, it’s left a victim $20,000 out of pocket.