Imagine downloading a fun photo-editing app in hopes of turning yourself into a cartoon. Instead, the app doesn’t even work — and to add insult to injury, it steals your Facebook credentials. This isn’t imaginary: It’s based on a true story of about 100,000 people who recently downloaded a malicious app.
You don’t have to gamble on random, suspicious apps to edit your face and have fun. You can rely on a trustworthy brand like Adobe and download Photoshop Express for free photo editing fun. Tap or click here for five new features in Photoshop Express you haven’t heard about.
Despite its cute and playful theme, Craftsart Cartoon Photo Tools contained dangerous Android trojan malware called Facestealer. If you’re one of the thousands of people who fell for this app, your phone could be infected. Here’s all you need to know about this threat and how to protect yourself.
Luckily, Google pulled it from the app store on Monday
It’s all thanks to a French mobile security team called Pradeo. Cybersecurity researchers blew the whistle on Pradeo’s blog. On Monday, researchers pointed out that the app stole users’ Facebook credentials through social engineering schemes.
Craftsart would tell victims they couldn’t edit photos without first logging into Facebook. Victims would then enter their Facebook username and password into what they thought was the official site. In reality, they were using a dupe that sent their credentials to a criminal server with ties to Russia.
That’s right: Craftsart Cartoon Photo Tools connected to a domain Pradeo says is registered in Russia. This domain has been linked to many malicious mobile apps throughout the years. This is especially troubling considering President Biden warned the country about Russian cyberattacks on Monday.
“The more Putin’s back is against the wall, the greater the severity of the tactics he may employ,” President Biden said. “One of the tools he’s most likely to use in my view, in our view, is cyberattacks.”
What you can do
After Pradeo alerted Google Play, the malicious app disappeared. Luckily, no one else can fall for its tricks now. But if you downloaded it in the past, you might be hearing some alarm bells in the back of your head.
Follow these steps to protect your device:
- Turn on Google Play Protect by heading to Google Play Store > Profile > Play Protect > Settings > Turn on Scan apps with Play Protect.
- Check your phone for security updates by going to Settings > System > System update.
- Have trustworthy antivirus software on all your devices. We recommend our sponsor, TotalAV. Right now, get an annual plan of TotalAV Internet Security for only $19 at ProtectWithKim.com. That’s over 85% off the regular price!
- Now that you’ve protected your phone as best as you can, it’s time to delete the infected app by going to Settings > Apps & notifications > See all apps. Tap Craftsart Cartoon Photo Tools and select Uninstall.
If you have downloaded it in the past and already deleted it, it might be a good idea to change your Facebook password. Don’t forget to do a security checkup on your device. Open a web browser on your phone and do a Google Security Checkup. Follow the steps to give your device more robust security settings.
Next, make sure you always read the reviews before downloading an app. Many users gave this app one-star reviews and warned others it was a scam. Also, check out the guides below; we’ve written about many other shady apps you need to delete ASAP.