Free Android app steals your private credentials

It happened again. A free Android app widely downloaded from the Google Play Store is loaded with malware that tricks you into entering your secret credentials in order to hijack them. If you have installed the following Android app, you should delete it immediately and change your access data.

Free Android app steals your access data

Although Google tries to check the apps in the Play Store so that no infected or malicious applications are loaded there, attackers always manage to get free apps with malware into the store. So also in this case. It’s the Android app “Craftsart Cartoon Photo Tools”. You upload your photo to the app and get a cartoon-style picture in return. Sounds cool, and it is. That’s why the app was downloaded over 100,000 times. This is now becoming a problem (source: bleeding computer).

In fact, the Android app is viz infected with the FaceStealer Trojan, which at some point prompts you to enter your personal access data to Facebook. These are then sent to the attackers and can be misused. Google has probably already deleted the app because we couldn’t find it anymore.

Important: If you still have “Craftsart Cartoon Photo Tools” installed on your smartphone, you must absolutely delete the app. To be on the safe side, you should also change your password on Facebook and turn on two-factor authentication. If you have also used the access data from Facebook, i.e. e-mail address and password, elsewhere, you should change them immediately.

In the video we explain what malware actually is:

Essential tips for free Android apps

If you download a free Android app from the Google Play Store, you should always pay attention to the behavior of the app. Do the required permissions match the app? Photo editing software does not need access to your contacts or phone function. Does the app ask me for credentials that do not belong to the app itself? If this happens, delete the app immediately. Should I install another file or app via the app? This is also dangerous, because it bypasses Google’s security mechanisms. So also delete.

If you don’t just accept everything a free Android app asks of you and also read what permissions are granted, you’re on the safe side.