Threat Watch

Malicious Photo-Editing Apps Steal Information

Two free photo-editing apps on the Google Play Store have been found hosting malware that steals personal information. Pink Camera and Pink Camera 2 was downloaded over 10,000 times and it contains simple editing software, but also deploys a malware known as “MobOk,” that collects users’ personal and financial data and sends it back to the Command and Control (C&C) server. Once the app is downloaded, it requires the user to give it device permissions which include Wi-Fi controls and notification access. Then it takes the user on a serious of site redirects to a “subscription” page. Once the subscription is complete, it uses the login credentials to apply for “subscriptions” that will bill the account owner without their permission. Google Play Store has removed both apps from their service.

ANALYST NOTES

If a user has either of these apps, then they are recommended to remove them immediately. It is normally recommended to use apps from a more mainstream and trusted manufacturer.