Register now for better personalized quote!

Android app downloaded 100,000 times from Google Play Store contained password-stealing malware, say security researchers

Mar, 22, 2022 Hi-network.com

Google has removed an app with over 100,000 downloads from its Play Store after security researchers warned that the app was able to harvest the Facebook credentials of smartphone users.

Researchers at French mobile security firm Pradeo said the app embeds Android trojan malware known as "Facestealer" because it dupes victims into typing in their Facebook credentials to a web page that transmits the credentials to the attacker's server, which happens to be a domain that was registered in Russia. 

If a user adds their credentials, the makers of the Android app then have full access to victims' Facebook accounts, including any linked payment information, such as credit card details, as well as users' conversations and searches, according to Pradeo. 

Innovation

  • I tried Apple Vision Pro and it's far ahead of where I expected
  • This tiny satellite communicator is packed full of features and peace of mind
  • How to use ChatGPT: Everything you need to know
  • These are my 5 favorite AI tools for work

"It mimics the behaviors of popular legitimate photo editing applications. In fact, it has been injected with a small piece of code that easily slips under the radar of store's safeguards," Pradeo says in a blogpost. 

SEE:Best cheap 5G phone 2022: No need to pay flagship prices for quality devices

The app 'Craftsart Cartoon Photo Tools' was billed as a tool that lets people "turn stunning looks from real cameras into paintings and cartoons" using advanced artificial intelligence and machine learning.  

However, Android users themselves appear to have detected problems with the app, validating the idea that users should always read reviews before installing an app. 

"Totally fake. The way it was advertising seems like useful. Then find out just a few filter effects for any photo," wrote one user in March. "No cartoonization anywhere. Don't download," wrote another. 

After users open the bogus photo-editing app, it opens a Facebook login page that requires the users to sign-in before they can use the app. The credentials are then transmitted to the app owner's server. 

Google encourages Android users to only install apps from its app store. However, research has shown that malicious apps can make their way into the Google Play store. Google confirmed to ZDNet that the app has been removed from the Play Store and the developer banned.

Pradeo in December raised an alarm about Joker malware being distributed on the Play Store that had been installed by over 500,000 users. That malicious app attempted to defraud users through premium mobile services and unwanted ads. 

Security

8 habits of highly secure remote workersHow to find and remove spyware from your phoneThe best VPN services: How do the top 5 compare?How to find out if you are involved in a data breach -- and what to do next
  • 8 habits of highly secure remote workers
  • How to find and remove spyware from your phone
  • The best VPN services: How do the top 5 compare?
  • How to find out if you are involved in a data breach -- and what to do next

tag-icon Hot Tags : Tech Security

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.