Last updated on July 28th, 2022 at 01:20 am
It has been determined that Facestealer malware targeting Android users is distributed on Google Play and third-party application stores under the name Craftsart Cartoon Photo Tools.
The Craftsart Cartoon Photo Tools application allows users to upload an image and convert it into a cartoon image. It has been determined that the malware distributed within the application is FaceStealer malware, also called Android/Trojan.Spy.Facestealer.
The malicious piece of code that sends data to the C2 server:
The mobile app imitates the behavior of popular photo editing apps to reach a large audience and ensure confidentiality. In this way, the security measures of the application markets are bypassed. In this context, it is recommended to use MDM software and Anti-Malware solutions, which are corporate mobile device management applications. In addition, it is important to prevent the IoC findings of the pest from the security solutions in use.