- ‘FlyTrap’ Android trojan managed to get access to user data through social media hijacking, third-party app stores and sideloading apps.
- It is capable of collecting information like Facebook ID, location, email address, IP and address.
- The malware posed as apps offering coupon codes for popular services, and also as voting apps.
A new Android
trojan has been lurking around since March this year specifically targeting Facebook accounts. Discovered by cybersecurity firm
Zimperium, the Android trojan has been dubbed ‘FlyTrap’, and it has so far affected over 10,000 victims across 144 countries including India, and it is said to have been operated by hackers from Vietnam.
The FlyTrap
malware posed as apps offering coupon codes and voting apps for the best football team or player. These malicious apps were available on the Google Play Store and third-party app stores as well. The first part of this hacking process is engagement. Users are offered coupons for popular apps like Netflix, and Google Ads coupons as well. The voting apps were about the recent Euro 2020 tournament asking users to choose their favourite team or player, and also whether they plan to watch the match.
Once the engagement part is over, users are shown their Facebook login page and asked to enter their credentials if they want to finish casting their vote or get the coupon code. After users finish this part too they’re given the coupon code but the page instead claims that the coupon code has expired.
Transform talent with learning that worksCapability development is critical for businesses who want to push the envelope of innovation.Discover how business leaders are strategizing around building talent capabilities and empowering employee transformation.Know More “Just like any user manipulation, the high-quality graphics and official-looking login screens are common tactics to have users take action that could reveal sensitive information. In this case, while the user is logging into their official account, the FlyTrap Trojan is hijacking the session information for malicious intent,” Zimperium said in a blog post.
The Android trojan is capable of accessing users’ Facebook ID, location, email address, IP address, and cookie and tokens associated with their Facebook account. Hackers can use the Facebook accounts to further spread malware via messages, and also create disinformation campaigns through the user’s geolocation details.
The findings of this Android trojan were reported to Google and the malicious apps were removed from the Play Store. But Zimperium warns that some of these apps are still available via third-party stores.
SEE ALSO:This new Android banking malware can screen record everything on your phoneAmazon’s Kindle e-readers could be prone to hacking through malicious e-books
Next Story
I spent $2,000 for 7 nights in a 179-square-foot room on one of the world's largest cruise ships. Take a look inside my cabin.
Saudi Arabia wants China to help fund its struggling $500 billion Neom megaproject. Investors may not be too excited.
One of the world's only 5-star airlines seems to be considering asking business-class passengers to bring their own cutlery
From terrace to table: 8 Edible plants you can grow in your home
India fourth largest military spender globally in 2023: SIPRI report
New study forecasts high chance of record-breaking heat and humidity in India in the coming months
Gold plunges ₹1,450 to ₹72,200, silver prices dive by ₹2,300
Strong domestic demand supporting India's growth: Morgan Stanley
