The iPhone 15 Pro would finally have physical buttons, Apple
Play Store: this Android malware threatens to hack your Facebook account
An Android malware called FaceStealer lurks on the Play Store. According to an investigation, this spy virus is designed to steal your Facebook account credentials. More than 100,000 users have already installed the infected application that hides the malware.
Pradeo computer security researchers warn Android users. After an investigation, the experts discovered the trace of a new malware on the Play Store. Dubbed FaceStealer, the virus is designed to steal Facebook credentials and transmit them to Russian servers, which have long been owned by hackers.
Using this data (passwords and username), the hackers behind the attack can take control from your Facebook account. “The authors who take advantage of this spyware have full access to the victims’ Facebook accounts and all the data they contain.such as their credit card details, conversations, searches”underlines the Pradeo report.
Over 100,000 Android users installed spyware
To infiltrate the smartphone of their victims, the malware hides in an Android application from the Play Store, Craftsart Cartoon Photo Tools. This application, seemingly harmless, offers users to upload an image and convert it into a cartoon image. Since its appearance on the online store, the application has been installed more than 100,000 times.
Once installed on the victim’s smartphone, the spyware will “imitate the workings of legitimate photo editing apps” in order to “cover up its illegal activities”. To circumvent Google’s security measures, the virus comes down to a piece of code hidden in that of the application.
As soon as the user will open the application, a window will ask him to connect to his Facebook account to be able to use the editing software. This is where the hackers get the data to log into the account.
Read also: This Android malware steals your Facebook account, even if it is well protected
This data is then exploited by criminals. Through the account, they can deploy phishing attacks, spread fake news or “carry out financial fraud”. We advise you to be careful if an application requires, for no apparent reason, access to your Facebook account or any social network.