Yet another malicious Android app has been found in the Google Play Store. This one is called "Craftsart Cartoon Photo Tools" and it harbors the Facestealer malware, which, as you might guess, is designed to steal your Facebook password.
"Perpetrators leveraging the spyware have full access to victims’ Facebook accounts and all data they contain, such as credit card details, conversations, searches, etc.," wrote Roxane Suau of French mobile-security firm Pradeo in a blog post yesterday (March 21).
Craftsart Cartoon Photo Tools has been removed from Google Play as of today (March 22), but because it's had at least 100,000 downloads, you'll want to make sure it's not on your phone or tablet.
The app appears to be a clone of another app with a very similar name, just with an additional bit of malware. When first installed, Suau explained, Craftsart Cartoon Photo Tools appears harmless. But then ...
"As soon as the application is launched by users, a Facebook login page is opened and they cannot use the application if they do not log in," Suau wrote. "When they do, their username and password are automatically transmitted to cybercriminals that own the application."
The Facebook credentials go to a Russian domain that has been used by cybercriminals off and on for the past seven years, Suau added.
How to remove this malicious app
The good news is that there's no other app in Google Play with exactly the same name, so identifying and removing Craftsart Cartoon Photo Tools on your device should be pretty straightforward.
To remove Craftsart Cartoon Photo Tools from your Android device, go into Settings > Apps > App management, scroll down to Craftsart Cartoon Photo Tools, tap it and tap Uninstall.
You'll then want to install one of the best Android antivirus apps to make sure this doesn't happen again. And you'll want to stick to Google Play to get your apps, because even though it's not perfectly safe, it's still a lot safer than the "off-road" app stores where Craftsart Cartoon Photo Tools can still be found.
Get the BEST of Tom’s Guide daily right in your inbox: Sign up now!
Upgrade your life with the Tom’s Guide newsletter. Subscribe now for a daily dose of the biggest tech news, lifestyle hacks and hottest deals. Elevate your everyday with our curated analysis and be the first to know about cutting-edge gadgets.
Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.