In a nutshell: Not for the first time, Google has removed an app from the Play Store after discovering it harbored malware. The application, which had been downloaded over 100,000 times, was able to steal mobile users' Facebook login credentials.
As with similar malicious applications, Craftsart Cartoon Photo Tools did perform some of its promised functions. It converted photos into cartoon- or painting-style images—there are numerous apps available that do the same thing—though some reviews say it merely added a filter to images. However, it included a small piece of code that could steal users' Facebook login credentials, thereby gaining access to their accounts and any other services that may reuse the same login/passwords.
The stolen credentials could be used to access Facebook accounts and all the personal information they contain. Hackers could also try to dupe victims' friends by sending them fake messages.
"Facebook credentials are used by cybercriminals to compromise accounts in multiple ways, the most common being to commit financial fraud, send phishing links and spread fake news," wrote Pradeo.
We're seeing an increasing number of malicious apps circumventing the Play Store's safeguards and being downloaded hundreds of thousands of times. They often achieve this by mimicking popular apps' functions and thoroughly concealing what little malicious code they contain, as was the case with the Joker-infected Color Message app downloaded 500,000 times before it was removed in December.
The best way to avoid these malicious apps is to check the reviews. Many who downloaded Craftsart Cartoon Photo Tools identified it as a fake or some kind of scam—it also had a 2.1-star rating—but it still managed to gain 100,000 downloads.