Google has removed an app with more than 1 million downloads from the Play Store after a warning from security researchers that it collects Facebook user credentials.
As explained by the specialists of the French information security company Pradeo, the application infects the Android device with the Facestealer Trojan, which deceives users into entering their credentials for authorization in Facebook on a special web page that transmits this data to a server controlled by attackers.
After the victim opens the fake app, a phishing Facebook authorization page appears requesting credentials. If the user enters their data, the creators of the application will have full access to their Facebook account, including payment information, dialogs and search.
The malicious Craftsart Cartoon Photo Tools application is copied from popular legitimate photo editors and allegedly allows you to turn photos taken on camera into paintings and cartoons using artificial intelligence and machine learning technologies. However, the “photo editor” doesn’t actually do anything like that, about which many reviews have been published in the app store.