The rise of AI art apps

The rise in popularity of AI-based mobile applications that generate artistic images from existing images, such as Lensa’s “Magic Avatars”, and of the OpenAI service DALL-E 2, which generates them from text, has increased public interest in these tools. Users should be wary of those attempting to distribute PUPs or malware, such as through deceptive applications that promise the same or similar advanced features but are simply basic image editors or otherwise repackaged apps. Such apps can drain your data plan and battery life with Clicker and HiddenAds behaviors, subscribe you to expensive services that provide little or no value over alternatives (Fleeceware), or even steal your identity (FaceStealer).


Every day, dozens of apps claim to offer AI image creation. Some of them may be legitimate or based on open-source projects like Stable Diffusion, but in their quest for a free app that produces quality results, users may try new apps that compromise their privacy, user experience, wallet, and/or security.


“Pista – Cartoon Photo Effect” and “NewProfilePicture” are two apps that provided visually appealing results; however, they were both based on the same image editor with basic filters and were both infected with Android/FaceStealer, a well-known malware capable of compromising a victim’s Facebook or Instagram account. By embedding a JavaScript function loaded from a remote server (to avoid detection) into a Flutter WebView activity that displays the Facebook login screen, the apps could capture user credentials during a Facebook login.

“NewProfilePicture” and “Pista – Cartoon Photo Effect” are examples of FaceStealer malware that posed as a cartoon avatar creator.
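
A static triage heuristic for the pattern described above, as an added example that is not from the original article or from the analyzed samples: it flags decompiled source files in which a Facebook or Instagram login page is loaded in a WebView alongside script injection. The API names are real Android and webview_flutter calls; the sample sources, `configUrl`, and the reason strings are constructed for illustration.

```python
import re

# Real API names; the grouping into indicators is an assumption of this example.
LOGIN_URL = re.compile(
    r"https?://(?:m\.|www\.)?(?:facebook|instagram)\.com/[\w./?=&-]*login", re.I)
JS_INJECT = re.compile(
    r'\b(?:evaluateJavascript|runJavascript|runJavaScript|addJavascriptInterface)\s*\('
    r'|loadUrl\s*\(\s*"javascript:')
# Script passed as a variable or expression instead of a string literal.
DYNAMIC_ARG = re.compile(
    r"\b(?:evaluateJavascript|runJavascript|runJavaScript)\s*\(\s*[A-Za-z_]")
REMOTE_FETCH = re.compile(r"\b(?:http\.get|HttpURLConnection|OkHttpClient|Dio\s*\()")


def triage(sources):
    """Return {path: [reasons]} for files that pair a social login page in a
    WebView with script injection. More reasons means higher review priority."""
    findings = {}
    for path, text in sources.items():
        if not (LOGIN_URL.search(text) and JS_INJECT.search(text)):
            continue
        reasons = ["social login URL loaded alongside WebView script injection"]
        if DYNAMIC_ARG.search(text):
            reasons.append("injected script is not a string literal")
        if REMOTE_FETCH.search(text):
            reasons.append("same file performs a network fetch")
        findings[path] = reasons
    return findings


# Constructed decompiled snippets (hypothetical paths and names).
SAMPLE = {
    "lib/login_page.dart": '''
        final script = (await http.get(Uri.parse(configUrl))).body;
        controller.loadRequest(Uri.parse("https://m.facebook.com/login.php"));
        controller.runJavaScript(script);
    ''',
    "lib/help_page.dart": '''
        controller.loadRequest(Uri.parse("https://example.com/help"));
        controller.runJavaScript("document.title");
    ''',
    "lib/share.dart": '''
        launchUrl(Uri.parse("https://www.facebook.com/login/?next=share"));
    ''',
}

if __name__ == "__main__":
    for path, reasons in triage(SAMPLE).items():
        print(path, reasons)
```

A hit is a prompt for manual review, not a verdict: legitimate apps that embed a social login and run their own scripts in the same WebView will match the first indicator too.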

The same image editor that was repackaged into the preceding two apps was also repackaged with adware modules and distributed by other developers under different app names, such as “Cartoon Effect | Cartoon Photo”:



Fleeceware is a term used to describe mobile apps that use various tactics to enroll users in high-priced subscriptions, usually after a free trial period, and often with little or no value to the subscriber beyond cheaper or free alternatives. If the user fails to cancel their subscription, they will be charged even after deleting the app.



The “Fun Coloring – Paint by Number” app, which was advertised as capable of transforming pictures into artistic drawings, is an example of a repackaged version of a different, legitimate pixel painting app. It lacked the promised AI effects and displayed adware-like behavior.

Advertisement for “Fun Coloring – Paint by Number” on social media, which included an app store link.
