How to Avoid Being Trapped in Android FlyTrap Malware

Android users, beware: a new Trojan is infecting smartphones around the world, stealing personal data from thousands of users and compromising their Facebook accounts.

A new Trojan known as FlyTrap has infected more than 10,000 devices in at least 144 countries, according to a recent report released by zLabs, the mobile security group of cybersecurity firm Zimperium. Once activated on a user’s device, it can collect personal information, for example:

  • Location data
  • IP addresses
  • E-mail address
  • Facebook IDs, cookies, login tokens and more.

Hackers can then hijack the user’s Facebook account to send more phishing links to the user’s contacts via direct messages and posts, or send them links hiding other, even more dangerous malware.

zLabs researchers have traced the origins of FlyTrap back to a well-known malware group based in Vietnam that distributes malware in a variety of ways, including through applications created and published by the group on the Google Play store and other third-party Android app stores.

Hackers also carry out attacks using fake ads promising free Netflix codes, Google AdWords coupons, or even soccer match tickets. If a user interacts with an ad, the app will ask them to log into their Facebook account to request a free offer – only to let them know that the “offer” has expired.

Please note that these fake ads do not use fake login pages to phish someone’s account. Instead, the ads collect Facebook user data through JavaScript injection, a technique that works even on the legitimate Facebook login page, or on any website’s login page, for that matter.

This is why FlyTrap is such a threat: it can quickly spread to multiple users through seemingly legitimate links and apps. While the malware is currently used primarily to steal identities, it could also be used in more nefarious ways, such as facilitating the large-scale deployment of ransomware.

How to protect yourself from the FlyTrap Trojan

Google has already removed malicious apps from the Play Store in response to the zLabs report and these apps are no longer active on any device they were installed on. However, they may be available on third party websites. Unfortunately, none of the offending apps are mentioned directly in the Zimperium report.

Malicious ads are still active in the wild as well, so Android users need to keep their devices secure. Here are some quick tips:

  • Use antivirus applications to scan new applications you want to install for known threats before downloading them; they can also help users who are already infected find and remove the malware.
  • Don’t give apps unnecessary permissions.
  • Do not download unknown applications, even from the Google Play Store, and carefully vet the applications you install.
  • Don’t click on unknown links, and beware of too-good-to-be-true offers and similar online scams.
  • Do not share your Facebook account information with anyone or third party applications.
  • Log into Facebook (and other social networks) only through the official app or website, and never when prompted by an advertisement, email, or other app.

[ ZDNet ]
