Regrettably, downloading applications from the Google Play Store does not guarantee that an app is safe. There are indeed many black sheep, and Craftsart Cartoon Photo Tools was one of them.
Craftsart Cartoon Photo Tools looked like a mundane photo filter application, but it actually hid a Trojan horse that steals Facebook credentials. That is less serious than banking information, but hackers can still do damage with this kind of data.
The under-the-radar app
The application, identified by Pradeo security researchers, lets users upload photos and apply a “cartoon” filter. Very basic, then, and safe… At least that’s what the developer wanted users to believe. When users connected to their Facebook account to share the modified image, the application displayed a fake login page for the social network.
The screen was convincing enough to push users to enter their Facebook username and password. The hackers collected this information, which could be used for attempted breaches on other websites and web services (if the victim used the same password), or for phishing.
Cleverly, the authors also arranged for Craftsart Cartoon Photo Tools to easily pass the automatic protections of the Play Store. Under these conditions, it was the perfect culprit… Alerted by Pradeo, Google withdrew the application from its store a few days ago. If you ever downloaded it, you must delete it immediately.
The biggest problem lies upstream. It is indeed up to the Play Store to detect and remove malicious applications at the source; users should not have to worry about whether the applications in the store are dangerous. Unfortunately, we know that is not the case. Craftsart Cartoon Photo Tools has been downloaded 100,000 times…