Security News > 2021 > August > Android Malware ‘FlyTrap’ Hijacks Facebook Accounts
Researchers have uncovered a new Android trojan, dubbed FlyTrap, that's spread to more than 10,000 victims via rigged apps on third-party app stores, sideloaded apps and hijacked Facebook accounts.
Before the malware apps dish out the promised goodies, targeted users are told to log in with their Facebook accounts to cast their vote or collect the coupon code or credits.
The trojan uses victimized accounts to spread its tentacles, making it look like the rightful owners are sharing legitimate posts, zLabs researchers said: "These hijacked Facebook sessions can be used to spread the malware by abusing the victim's social credibility through personal messaging with links to the Trojan, as well as propagating propaganda or disinformation campaigns using the victim's geolocation details," they wrote.
More recently, a similar malware - a password- and cookie-stealer named CopperStealer - was found to have been compromising Amazon, Apple, Google and Facebook accounts since 2019, then using them for additional cybercriminal activity.
Melick also recommended that users enable multi-factor authentication for all social-media accounts and any other accounts with access to sensitive and private data.
If an Android user suspects that a Facebook account has been connected to a malicious party, Melick said to follow Facebook instructions to log out of all accounts on all devices, immediately change their passwords and enable MFA if not already in use.
News URL
https://threatpost.com/android-malware-flytrap-facebook/168463/
Related news
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)
- New Vo1d malware infects 1.3 million Android TV streaming boxes (source)
- New Vo1d malware infects 1.3 million Android streaming boxes (source)