Malicious Android apps try to hijack your Facebook account

These apps try to seize such Facebook data as your ID, location, IP address and associated cookies, says Zimperium.


Savvy cybercriminals often use social engineering to try to trick people into installing malware or revealing sensitive information. A malicious campaign uncovered by mobile security provider Zimperium found malicious Android apps that employed social engineering tactics to gain access to the Facebook accounts of their victims.

Initially available through both Google Play and third-party stores, the malicious apps have surfaced in at least 140 countries since March 2021, hitting more than 10,000 victims, Zimperium said in a Monday blog post. After Zimperium informed Google of the apps in question, the company removed them from Google Play. However, they're still accessible on third-party stores, which means they are a threat for users who sideload apps from unofficial sources.

The apps work by delivering an Android trojan that Zimperium codenamed FlyTrap. The attackers start by getting people to download the apps through the use of high-quality graphics and accurate login screens.

After being installed, the apps try to engage users by displaying come-ons designed to arouse your interest. These include a Netflix coupon code, a Google AdWords code, and a promo asking you to vote for your favorite soccer team for the UEFA Euro 2020 games.

Users who engage with one of the come-ons are then shown the Facebook login page and asked to sign into their account to collect the coupon code or cast their vote. Of course, no actual code or voting takes place. Instead, a message pops up saying that the coupon expired and is no longer valid.

With access to a victim's Facebook account, the trojan then goes into action by opening a legitimate URL and using a bit of JavaScript injection. By injecting malicious JavaScript code, the trojan is able to access and extract the user's Facebook account details, location, IP address and cookies. As a further threat, the Command & Control server operated by the attackers contains security flaws that expose all of the stolen session cookies to anyone on the internet.

“This is a nifty combination of a handful of vulnerabilities,” said Setu Kulkarni, VP of strategy for app security provider NTT Application Security. “The human vulnerability to click before you think, a software vulnerability to allow JS injection, the abundance of metadata open to access location, and finally the implicit trust that can be gained by clever yet dubious association with the likes of Google, Netflix, etc. The concerning bit is the network effect this type of trojan can generate by spreading from one user to many.”

To help Android users protect themselves against such malicious apps, Richard Melick, Zimperium's director of product marketing for endpoint security, offers a few tips:

Avoid installing mobile apps from unofficial sources. Though Google removed some of the malicious apps from its Google Play store, many are still available through third-party stores and social media where they can quickly spread. As such, users should avoid sideloading any apps or installing them from untrusted sources. Apps accessible this way likely haven't been run through security scans and could more easily contain malicious code.

Be vigilant about the activity and requests of mobile apps. Keep in mind that if you grant an app's request to connect to one of your social media accounts, the app will have full access to and control over certain key information.

Remove any suspicious apps. If you believe an app may be putting your data at risk, delete it from your device immediately. If you added the app on Facebook, follow the company's instructions for removing the app and your associated data.

Editor's note: This article has been updated with additional comment.
