Live
- Protocol issue creates ripples
- 15-year student dies after snakebite amid hospital hurdles
- Public outcry over ethanol plant proposal
- Recovery of embezzled money demanded by women
- City students bag national award for designing a vehicle
- Driver, 4 others injured in accident
- Andhra Pradesh: Former Minister Reddy Satyanarayana Passes Away
- Public representatives of Maldives visit Vizag
- Our culture & heritage available in books: Saini
- Indiramma beneficiaries to get Rs 5L in 4 phases: Ponguleti
Android Trojan hits 144 countries, 10,000 victims through Facebook hijack
Android trojan Malware targets Facebook accounts
Android trojan dubbed as ‘FlyTrap’, and so far it has affected over 10,000 victims across 144 countries including India, and it is said to have been operated by hackers from Vietnam.
Since March 2021, a new Android trojan has been lurking around specifically targeting Facebook accounts. Discovered by cybersecurity firm Zimperium, the Android trojan dubbed as 'FlyTrap', and so far it has affected over 10,000 victims across 144 countries including India, and it is said to have been operated by hackers from Vietnam.
The FlyTrap malware is modelled as apps offering coupon codes and voting apps for the best football team or player. These malicious apps were available on the Google Play Store and third-party app stores. The first part of this hacking process is engaging users who are offering coupons for popular apps like Netflix, and Google Ads coupons. The voting apps were about the recent Euro 2020 tournament asking users to choose their favourite team or player, and also do they plan to watch the match.
Once the above activity is over, users are shown their Facebook login page and asked to enter their login details if they wish to cast their vote or get the coupon code. After users are done with this part they're given but instead, the page claims that the coupon code has expired.
Zimperium said in a blog post, "Just like any user manipulation, the high-quality graphics and official-looking login screens are common tactics to have users take action that could reveal sensitive information. In this case, while the user is logging into their official account, the FlyTrap Trojan is hijacking the session information for malicious intent."
The Android trojan has the ability to access users' Facebook ID, location, email address, IP address, and cookie and tokens associated with their Facebook account. Hackers can also use Facebook accounts to further spread malware via messages, and also create untruth campaigns through the user's geolocation details.
The outcomes of this Android trojan were reported to Google and the malicious apps were removed from the Play Store. But Zimperium warns that some of these apps are still available via third-party stores.
