Level 55
Top poster
Content Creator
Apr 24, 2016
An Android app sitting on the Google Play store touts itself to be a photo editor app. But, it contains code that steals the user's Facebook credentials to potentially run ad campaigns on the user's behalf, with their payment information.

The app is called "Blender Photo Editor-Easy Photo Background Editor" and has been installed over 5,000 times to date.

Last week, similar malicious apps with over 500,000 installs were also found on the Play Store.
Android users should be wary of such "photo editor" apps recently seen on the Google Play store. Those who have already installed any such app should uninstall the app immediately, clean up their smartphone, and reset their Facebook credentials.

BleepingComputer has reported the aforementioned Blender photo editor app to Google Play prior to publishing.

Update 5:05 am ET: Google Play Store has removed the Blender photo editor app following our report. An archived copy of the app page is available.