Security News > 2021 > August > Beware! New Android Malware Hacks Thousands of Facebook Accounts
A new Android trojan has been found to compromise Facebook accounts of over 10,000 users in at least 144 countries since March 2021 via fraudulent apps distributed through Google Play Store and other third-party app marketplaces.
Dubbed "FlyTrap," the previously undocumented malware is believed to be part of a family of trojans that employ social engineering tricks to breach Facebook accounts as part of a session hijacking campaign orchestrated by malicious actors operating out of Vietnam, according to a report published by Zimperium's zLabs today and shared with The Hacker News.
Although the offending nine applications have since been pulled from Google Play, they continue to be available in third-party app stores, "Highlighting the risk of sideloaded applications to mobile endpoints and user data," Zimperium malware researcher Aazim Yaswant said.
The malicious apps claim to offer Netflix and Google AdWords coupon codes and let users vote for their favorite teams and players at UEFA EURO 2020, which took place between 11 June and 11 July 2021, only under the condition that they log in with their Facebook accounts to cast their vote, or collect the coupon code or credits.
Once a user signs into the account, the malware is equipped to steal the victim's Facebook ID, location, email address, IP address, and the cookies and tokens associated with the Facebook account, thus enabling the threat actor to carry out disinformation campaigns using the victim's geolocation details or propagate the malware further via social engineering techniques by sending personal messages containing links to the trojan.
"The targeted domains are popular social media platforms and this campaign has been exceptionally effective in harvesting social media session data of users from 144 countries. These accounts can be used as a botnet for different purposes: from boosting the popularity of pages/sites/products to spreading misinformation or political propaganda."
- New Android Malware Targeting US, Canadian Users with COVID-19 Lures (source)
- TangleBot Malware Reaches Deep into Android Device Functions (source)
- New Android Malware Steals Financial Data from 378 Banking and Wallet Apps (source)
- New SMS malware targets Android users through fake COVID messages (source)
- New Android malware steals millions after infecting 10M phones (source)
- Facebook open-sources tool to find Android app security flaws (source)
- Facebook Releases New Tool That Finds Security and Privacy Bugs in Android Apps (source)
- Flubot Android malware now spreads via fake security updates (source)
- Flubot Malware Targets Androids With Fake Security Updates (source)
- Beware of Fake Amnesty International Antivirus for Pegasus that Hacks PCs with Malware (source)