According to Zimperium researchers, thousands of Facebook accounts have been compromised by Android malware since March. Zimperium has revealed new Android malware that has reportedly compromised the Facebook accounts of more than 10,000 people in 144 countries since March. The company called this malware FlyTrap and said it was listed on the official Google Play store until recently.
FlyTrap has been touted as a slew of mobile apps dedicated to “free Netflix promo codes, Google AdWords promo codes, and votes for top soccer team or player,” Zimperium said, “enticing users to download. ask for high-quality designs and social engineering “before attempting to access their Facebook accounts.
Programs like this often involve bogus websites, but in this particular case, Zimperium said that FlyTrap led users to the legitimate Facebook login page. The malware then uses the injection of JavaScript to access the user’s Facebook ID, location, email address, and IP address, as well as “cookies and tokens associated with the user. Facebook account ”which he accessed.
This stolen information is then transmitted to the FlyTrap command and control server. Zimperium actually discovered security vulnerabilities in the server it examined, which might be funny if it didn’t “reveal the entire database of stolen session cookies to anyone on the internet, further increasing the social credibility of the victim ”. on trial.
Zimperium said it warned Google about three malicious apps used to distribute FlyTrap malware through the Play Store. However, they’re still available on other platforms, prompting the company to warn Android users of the potential dangers of downloading apps to their devices.
