Photo editor Android app STILL available on Google Play is infected with malware

Photo editor Android app STILL available on Google Play is infected with malware

“Log in” with Facebook does more than just login. Like many Android apps, the “Blender Photo Editor-Easy Photo Background Editor” app comes with the sign-in with Facebook functionality. Except, it also makes use of your Facebook credentials to do some fishy stuff. Tatyana Shishkova, an Android Malware Analyst at Kaspersky, discovered the “trojan” app this week which is still available on the Google Play store, at the time of writing. malicious photo editor Android app. Photo editor Android app still sitting on the Google Play store (BleepingComputer).

After BleepingComputer reported it to Google via the Play store, the software was quickly withdrawn. An Android software available on the Google Play market bills itself as a picture editor. However, it contains code that takes the user’s Facebook credentials in order to possibly execute ad campaigns on their behalf, complete with payment details. The app’s name is “Blender Photo Editor-Easy Photo Background Editor,” and it has been downloaded over 5,000 times. Similar malicious applications with over 500,000 installations were discovered on the Play Store last week.

The app contains malicious code, identical to what was found in similar “photo editor” apps last week by Maxime Ingrao, a security researcher at mobile payments cybersecurity firm Evina. These Android apps require Android users to sign in via their Facebook account to access the app, but then silently collect the credentials via encrypted JavaScript commands hidden within the app. The apps then make requests to the Facebook Graph API to peek into the user’s Facebook account and look for any ad campaigns and stored payment information.

The malware, according to Ingrao, “is very interested in the advertising campaigns you might have done and if you have a registered credit card.” This would allow the attacker behind these apps to create their own ad campaigns via the user’s Facebook credentials, and linked payment information. Ingrao had previously discovered similar malicious apps called “Magic Photo Lab – Photo Editor” and “Pix Photo Motion Edit 2021” with the latter scoring over 500,000 installs. Both apps have since been removed from the Google Play store. The researcher shared some insights with BleepingComputer as to how he found something wasn’t right with these apps.

“I noticed the suspicious code first by doing a dynamic analysis,” Ingrao tells BleepingComputer in an email interview. “I noticed that the WebView was running JavaScript to retrieve the credentials. Then I downloaded the code and I recoded the function that decrypts the texts inside the code, that’s how I found the executed JavaScript and the calls to the Facebook Graph API,” continued the French security researcher. BleepingComputer also analyzed the APK for “Blender Photo Editor-Easy Photo Background Editor,” which is still live on Google Play, and can confirm seeing identical malicious code in the app. During our analysis, we attempted to roughly reconstruct the Java source code of the Android app from the compiled APK (bytecode).

Android users should be wary of such “photo editor” apps recently seen on the Google Play store. Those who have already installed any such app should uninstall the app immediately, clean up their smartphone, and reset their Facebook credentials. BleepingComputer has reported the aforementioned Blender photo editor app to Google Play prior to publishing. Update 5:05 am ET: Google Play Store has removed the Blender photo editor app following our report. An archived copy of the app page is available.

The News Highlights

  • Photo editor Android app STILL available on Google Play is infected with malware
  • Check the latest update on Security news
  • .

Disclaimer: If you need to edit or update this news from compsmag then kindly contact us Learn more

For Latest News Follow us on Google News


Latest Headlines
  • Show all
  • Trending News
  • Popular By week
The US is considering providing $4 billion in new aid to India
The US is considering providing $4 billion in new aid to India
New Delhi announced on Monday that the US is considering providing $4 billion in “investment support” to India, on top of billions already provided. The ...
Is there a scary twist in the Indian startup story?
Is there a scary twist in the Indian startup story?
The latest to do so are SoftBank-backed pre-owned e-commerce platform Cars24 and ed-tech start-up Vedantu, which had turned unicorns in the last two years. ...
Dell's Latitude 5430 Laptop Is Rugged, Fast, And Attractive
Dell’s Latitude 5430 Laptop Is Rugged, Fast, And Attractive
If you put it in a domestic freezer after that drop onto wet grass, then pull it out after ten minutes, a couple of water and mud flecks freeze into little ...
FAMILY Fighting: TAG ARENA, a two-versus-two battle action game for PC, will be released in Early Access on August 6th
FAMILY Fighting: TAG ARENA, a two-versus-two battle action game for PC, will be released in Early Access on August 6th
This is a two-versus-two 3D tag team battle action game that can be played online. The tag team is divided into “attacker” and “support” roles, and must ...
Marvel Snap is a new multiverse card game for iPhone and android devices
Marvel Snap is a new multiverse card game for iPhone and android devices
But Marvel Snap doesn’t come from Blizzard, the giant studio behind Hearthstone. Instead, we’re looking at a Second Dinner creation here. But the good news ...
Asia stocks weighed on inflation fears, China tech sell-off
India considers spending another $26 billion to fight inflation
India’s retail inflation rose to an eight-year high in April, while wholesale inflation rose to at least a 17-year high, posing a major headache for Prime ...
S&P 500 and Dow jump more than 1% with banks and Apple supporting
S&P 500 and Dow jump more than 1% with banks and Apple supporting
Battered growth stocks Apple Inc and Microsoft Corp rose 1.6% and 1.5%, respectively, providing the biggest boost to the S&P 500. U.S. stock indexes ...
In Davos, business and government leaders warn of impending economic storm
In Davos, business and government leaders warn of impending economic storm
“But if none of the problems are solved, I’m really afraid we’re running into a global recession with tremendous effect .. on global stability,” Habeck said ...
Maharashtra joins World Economic Forum in battle against plastic pollution
Maharashtra joins World Economic Forum in battle against plastic pollution
By joining the Global Plastic Action Partnership, Maharashtra aims to enhance its commitment to curbing plastic pollution, raise its ambition, and ensure ...
Non-payment of TDS is not a reason for insolvency proceedings
Non-payment of TDS is not a reason for insolvency proceedings
“The consequences of non-payment of TDS are provided under Income Tax Act, 1961, and income tax authorities have ample powers to take appropriate action,” ...
Show next
We will be happy to hear your thoughts

Leave a reply

Compsmag - Latest News In Tech and Business
Logo