Google Play Store bans this shocking FaceStealer app; DELETE now!

    Malicious android app by the name of FaceStealer is stealing Facebook passwords. Google Play Store has slapped a ban on FaceStealer.
    By: HIMANI JHA
    | Updated on: Mar 24 2022, 16:19 IST
    Shockingly, FaceStealer was distributed via Google Play Store and third-party app stores!
    Shockingly, FaceStealer was distributed via Google Play Store and third-party app stores! (Pixabay)
    Shockingly, FaceStealer was distributed via Google Play Store and third-party app stores!
    Shockingly, FaceStealer was distributed via Google Play Store and third-party app stores! (Pixabay)

    A malicious Android app on the Google Play Store has been detected stealing Facebook credentials. Yes! The Google Play app disguised as a cartoonifier app called Craftsart Cartoon Photo Tools allows users to enter their Facebook login credentials and steal their data. Dubbed FaceStealer, trojan was distributed via Google Play Store and third-party app stores! Google Play Store has banned the app, but it may well be on your phone. The trojan has already been installed for over 100,000 times via the Google Play Store. The Android malware makes users upload an image and convert it into a cartoon rendering. This Craftsart Cartoon Photo Tools contains a trojan called Facestealer. It is detected by security researchers and mobile security firm Pradeo. The portal mentioned that the app displays a Facebook login screen that requires users to log in before using it.

    According to Jamf security researcher Michal Rajčan, as users enter their credentials, the app sends them to a command and control server at zutuu[.]info [VirusTotal], and steals their data.

    In addition to the C2 server, the malicious Android app is also connected to www.dozenorms[.]club URL [VirusTotal] where they forward the data, reported Bleeping Computers.

    The portal says that the malicious trojan Facestealer uses social engineering to steal Facebook credentials and makes connections to a Russian server and give spyware full access to victims' Facebook accounts and all data they contain, such as credit card details, conversations, searches, etc. 

    The malicious app is distributed through Google Play Store 

    The FaceStealer app is distributed through Google Play and third-party application stores. It appears like popular legitimate photo editing applications in order to reach a large public and conceal its illegal activities. The app has been injected with a small piece of code that easily passes under the radar of the store's safeguards. 

    The malicious app might have a connection with a Russian domain This is not the first time such an app has appeared on Google Play Store. Earlier also Google blocked several android apps from Google Play Store that were believed to be infected with malicious code or malware.

    Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, and Instagram. For our latest videos, subscribe to our YouTube channel.

    First Published Date: 24 Mar, 16:19 IST
    NEXT ARTICLE BEGINS
    keep up with tech