The Craftsart Cartoon Photo Tools application allows users to upload an image and convert it into a cartoon image. It has been determined that the malware distributed within the application is FaceStealer malware, also called Android/Trojan.Spy.Facestealer.
The malicious piece of code that sends data to the C2 server:
The mobile app imitates the behavior of popular photo editing apps to reach a large audience and ensure confidentiality. In this way, the security measures of the application markets are bypassed. In this context, it is recommended to use MDM software and Anti-Malware solutions, which are corporate mobile device management applications. In addition, it is important to prevent the IoC findings of the pest from the security solutions in use.[/vc_column_text][vc_empty_space][/vc_column][/vc_row]