Beware! Flytrap Android malware apps hijack your Facebook account; find list here

Update: 2021-08-11 11:45 IST

Representational Image 

Facebook FlyTrap Android Malware: The Android malware called FlyTrap is said to have been hijacking thousands of Facebook accounts in 140 countries. Researchers at Zimperium's zLabs found the new Android Trojan recently. According to them, Android malware can spread via malicious apps on Google Play Store, third-party app stores, and downloaded apps. It has been active since March 2021, according to the researchers.

ADVERTISEMENT

New Android malware that hijacks Facebook accounts is said to trick users into logging into malicious apps using their Facebook credentials. It is based on simple social engineering tactics. After you log in, the applications collect user data associated with your Facebook account.

FlyTrap for Android malware is promoted to use different kinds of things, like Netflix coupon codes or Google Adwords coupon codes. Thus, it manages to trick users into downloading after trusting coupon code apps. Once installed, these apps ask users various questions and engage them until they log into their Facebook account. Once you are logged in, you will be asked to vote for the coupon code or credits.

FlyTrap Android Malware Apps:

• GG Voucher (com.luxcarad.cardid)

• Vote European Football (com.gardenguides.plantingfree) 

• Chatfuel (com.ynsuper.chatfuel) -

• Net Coupon (com.free_coupon.net_coupon

• Net Coupon (com.movie.net_coupon)

• GG Coupon Ads (com.free_coupon.gg_free_coupon)

• GG Voucher Ads (com.m_application.app_moi_6)

• GG Voucher (com.free.voucher)

• EURO 2021 Official (com.euro2021)

According to the report, the FlyTrap Android malware uses a Javascript injection to gain access to users' Facebook ID, location, email ID, and IP address. Once this is done, it transfers the stolen information to the malware's command and control server. Hence, it poses a threat to your social identity by hijacking your Facebook account via Trojan, infecting your Android device. Furthermore, these hijacked sessions can be used to spread malware by abusing your social credibility through personal messages with links to the Trojan.

"All this is just another trick to mislead the user since no actual voting or coupon code gets generated. Instead, the final screen tries to justify the fake coupon code by displaying a message that the coupon expired after redemption and before spending," said Zimperium.


Tags:    

Similar News