Security News > 2021 > August > Beware! New Android Malware Hacks Thousands of Facebook Accounts
A new Android trojan has been found to compromise Facebook accounts of over 10,000 users in at least 144 countries since March 2021 via fraudulent apps distributed through Google Play Store and other third-party app marketplaces.
Dubbed "FlyTrap," the previously undocumented malware is believed to be part of a family of trojans that employ social engineering tricks to breach Facebook accounts as part of a session hijacking campaign orchestrated by malicious actors operating out of Vietnam, according to a report published by Zimperium's zLabs today and shared with The Hacker News.
Although the offending nine applications have since been pulled from Google Play, they continue to be available in third-party app stores, "Highlighting the risk of sideloaded applications to mobile endpoints and user data," Zimperium malware researcher Aazim Yaswant said.
The malicious apps claim to offer Netflix and Google AdWords coupon codes and let users vote for their favorite teams and players at UEFA EURO 2020, which took place between 11 June and 11 July 2021, only under the condition that they log in with their Facebook accounts to cast their vote, or collect the coupon code or credits.
Once a user signs into the account, the malware is equipped to steal the victim's Facebook ID, location, email address, IP address, and the cookies and tokens associated with the Facebook account, thus enabling the threat actor to carry out disinformation campaigns using the victim's geolocation details or propagate the malware further via social engineering techniques by sending personal messages containing links to the trojan.
"The targeted domains are popular social media platforms and this campaign has been exceptionally effective in harvesting social media session data of users from 144 countries. These accounts can be used as a botnet for different purposes: from boosting the popularity of pages/sites/products to spreading misinformation or political propaganda."
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/t01JuDf1npI/beware-new-android-malware-hacks.html
Related news
- New FireScam Android malware poses as RuStore app to steal data (source)
- New FireScam Android data-theft malware poses as Telegram Premium app (source)
- FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices (source)
- DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection (source)
- Crypto-stealing iOS, Android malware found on App Store, Google Play (source)
- SpyLend Android malware downloaded 100,000 times from Google Play (source)