Security News > 2022 > March > Facestealer Trojan Hidden in Google Play Plunders Facebook Accounts
The trojanized Craftsart Cartoon Photo Tools app is available in the official Android app store, but it's actually spyware capable of stealing any and all information from victims' social-media accounts.
A popular mobile app in the official Google Play store called "Craftsart Cartoon Photo Tools" has racked up more than 100,000 installs - but unfortunately for the app's enthusiasts, it contains a version of the Facestealer Android malware.
Facestealer is a known Android threat that has made its way into Google Play in the past via trojanized apps.
"To maintain a presence on Google Play, repackaging mobile apps is common practice for cybercriminals. Sometimes, we even observed cases in which repackaging was entirely automated."
Pradeo researchers said they alerted the Google Play team about the app, but as of Monday, it was still available in the official store.
"The most common way to sneak malware onto Google Play is for a trojan to mimic a legitimate app already published on the site with the addition of a small piece of code to decrypt and launch a payload from the trojan's body or download it from the attackers' server," researchers explained.
News URL
https://threatpost.com/facestealer-trojan-google-play-facebook/179015/