Zimperium, a cybersecurity firm, has identified a new Android Trojan and issued a report detailing how the malware has infected more than 10,000 people in 140 countries.
According to Zimperium, a US-based security firm, FlyTrap has infiltrated accounts through a variety of methods including social media hacking, third-party app shops, and malicious programs. The malicious malware mostly targeted Google’s Android mobile operating system.
The malware was discovered by Zimperium’s zLabs mobile threat research teams, who discovered that it leverages social engineering techniques to infiltrate Facebook accounts.
By infecting Android devices, the malware hijacks social media accounts, allowing attackers to acquire information from victims such as Facebook ID, location, email address, and IP address, as well as cookies and tokens associated with your Facebook account.
Following the initial detection, it informed Alphabet-owned Google of the results, which confirmed the research findings and removed the malicious apps from the Google Play store.
“However, the malicious applications are still available on third-party, unsecured app repositories highlighting the risk of sideloaded applications to mobile endpoints and user data, the mobile application poses a threat to the victim’s social identity by hijacking their Facebook accounts via a Trojan infecting their Android device,” the company stated.
Threat actors utilize a variety of enticing topics, such as free Netflix coupons, Google AdWords coupons, and voting for the best soccer cricket player.
Mr. Setu Kulkarni, Vice President at NTT Application Security, noted that FlyTrap was a “nifty combination” of a handful of vulnerabilities and took advantage of the abundance of meta-data open to access, like location, as well as the implicit trust that can be gained by clever yet dubious associations with companies like Google, Netflix and others.