Security News > 2021 > August > Android Malware ‘FlyTrap’ Hijacks Facebook Accounts
Researchers have uncovered a new Android trojan, dubbed FlyTrap, that's spread to more than 10,000 victims via rigged apps on third-party app stores, sideloaded apps and hijacked Facebook accounts.
Before the malware apps dish out the promised goodies, targeted users are told to log in with their Facebook accounts to cast their vote or collect the coupon code or credits.
The trojan uses victimized accounts to spread its tentacles, making it look like the rightful owners are sharing legitimate posts, zLabs researchers said: "These hijacked Facebook sessions can be used to spread the malware by abusing the victim's social credibility through personal messaging with links to the Trojan, as well as propagating propaganda or disinformation campaigns using the victim's geolocation details," they wrote.
More recently, a similar malware - a password- and cookie-stealer named CopperStealer - was found to have been compromising Amazon, Apple, Google and Facebook accounts since 2019, then using them for additional cybercriminal activity.
Melick also recommended that users enable multi-factor authentication for all social-media accounts and any other accounts with access to sensitive and private data.
If an Android user suspects that a Facebook account has been connected to a malicious party, Melick said to follow Facebook instructions to log out of all accounts on all devices, immediately change their passwords and enable MFA if not already in use.
News URL
https://threatpost.com/android-malware-flytrap-facebook/168463/
Related news
- Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- New SteelFox malware hijacks Windows PCs using vulnerable driver (source)
- Cyber crooks push Android malware via letter (source)
- NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data (source)
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)