- The ‘FlyTrap’ Android trojan managed to get access to user data through social media hijacking, third-party app stores and sideloading apps.
- It is capable of collecting information like Facebook ID, location, email address and IP address.
- The malware posed as apps offering coupon codes for popular services, and also as voting apps.
The FlyTrap malware posed as apps offering coupon codes and as voting apps for the best football team or player. These malicious apps were available on the Google Play Store and on third-party app stores as well. The first part of this hacking process is engagement. Users are offered coupons for popular apps like Netflix, and Google Ads coupons as well. The voting apps were about the recent Euro 2020 tournament, asking users to choose their favourite team or player, and also whether they plan to watch the match.
Once the engagement part is over, users are shown their Facebook login page and asked to enter their credentials if they want to finish casting their vote or get the coupon code. After users finish this part too, they expect to be given the coupon code, but the page instead claims that the coupon code has expired.
“Just like any user manipulation, the high-quality graphics and official-looking login screens are common tactics to have users take action that could reveal sensitive information. In this case, while the user is logging into their official account, the FlyTrap Trojan is hijacking the session information for malicious intent,” Zimperium said in a blog post.
The Android trojan is capable of accessing users’ Facebook ID, location, email address, IP address, and the cookies and tokens associated with their Facebook account. Hackers can use the Facebook accounts to further spread malware via messages, and also create disinformation campaigns through the user’s geolocation details.
The findings of this Android trojan were reported to Google and the malicious apps were removed from the Play Store. But Zimperium warns that some of these apps are still available via third-party stores.