Pradeo is a mobile security company that often analyzes mobile applications independently. They look for security issues, malware, and trojans. The company has recently found a trojan, dubbed Facestealer, on an app called “Craftsart Cartoon Photo Tools.”
Estimated reading time: 2 minutes
According to Pradeo, Facestealer uses social engineering to swipe the user’s Facebook credentials and then connects to a server that is based in Russia. Facestealer then has full access to the target’s entire Facebook account, including credit card info and more. Pradeo has alerted Google about the application, so hopefully, Google will remove it.
The abovementioned mobile application is distributed on Google play and third-party application stores. To reach a large public and conceal its illegal activities, it mimics the behaviors of popular legitimate photo editing applications. In fact, it has been injected with a small piece of code that easily slips under the radar of store’s safeguards.
As soon as the application is launched by users, a Facebook login page is opened and they cannot use the application if they do not log in. When they do, their username and password are automatically transmitted to cybercriminals that own the application.
Facebook credentials are used by cybercriminals to compromise accounts in multiple ways, the most common being to commit financial fraud, send phishing links and spread fake news.
Pradeo
The app is rated very low as users find that it doesn’t offer what they were expecting, probably because it’s made to mostly house Facestealer, and the rest is just a cover. Pradeo’s recommendation is to delete the app if you have installed it and change your passwords for your Facebook account.
What do you think of Facestealer? Did you install this app? Please share your thoughts on any of the social media pages listed below. You can also comment on our MeWe page by joining the MeWe social network.