An app containing a dangerous Trojan horse was available for download on Google Play. The app cleverly disguises itself by delivering the functionality it promises. It has been downloaded from Google Playstore by over 100,000 times.
An Android app was distributed via Google Playstore that specifically steals Facebook account login details on Android devices. This was reported by the US IT security news site Bleepingcomputer.
The app is Crafts, Art Cartoon Photo Tools. This is supposed to allow you to upload a photo and turn it into a cartoon. Google has since removed the dangerous app from Google Play, but it was previously installed more than 100,000 times.
The security company parade had discovered That in this application the Trojan face stealer It is hidden. Shows a Facebook login screen when the app starts. Users must first enter their Facebook login details to use Crafts, Art Cartoon Photo Tools. The application then sends the entered login data to a “Command and Control” server in Russia and to other third-party sites.
This is how cleverly malware camouflage itself
The malware represents only a small part of the application’s source code, which is otherwise flawless. Tampered with in this way, the app, then passed the Google Play verification process. The app is also cleverly camouflaged when in use: After you’ve entered your Facebook login details, the app offers the option to upload a photo to an online editor. A graphic filter is then applied to the photo there. The image modified in this way is displayed in the application and can be downloaded and sent. So the app seems to work and the user probably doesn’t suspect a thing.