Various kinds of Malware are looming around freely and threat actors seem to be feasting on unsuspecting users using the various kinds of malware. So much so that they are not leaving any device from their clutches.
Here we are going to talk about a recent Android Trojan that has been codenamed FlyTrap that has been active since March 2021. It has reportedly compromised the Facebook accounts of over 10,000 users across 144 countries.
In this blog, we’ll also have a look at how this Malware has been able to accomplish its malicious intent and what you as a user can do to stay away from such Malware.
How Did FlyTrap Malware Compromise Facebook Accounts
As reported by Zimperium researchers, the threat was disguised and circulated with the help of several themes that tricked users into downloading the application.
The Android Trojan, FlyTrap, has impacted over 10,000 victims in 144 countries but Zimperium customers are protected from this malware. #WeSecureMobile #FlyTrap #AndroidTrojanhttps://t.co/7qxI8cqydq pic.twitter.com/PXR8gm8C4J
— Zimperium (@Zimperium) August 10, 2021
These themes included Google AdWords coupon codes, Netflix coupon codes and even voting for the best soccer player or team.
The look and feel of the applications were so genuine and attractive that they tricked users into downloading such applications after which hackers were able to hack into users’ Facebook accounts.
More specifically, FlyTrap first took users to a legitimate-looking sign-in page. It then used JavaScript injection to gain users’ Facebook credentials such as Facebook ID, Location, Email Address, IP address, and even cookies associated with the Facebook account.
FlyTrap – Modus Operandi
After a user installed an application, the subsequent pages prompted users to give a response as mentioned in the screenshots below. The engagement reached a point where a user had to furnish the Facebook login credentials to further act (For instance, get a Netflix coupon). And, once the user entered the credentials, he or she was taken to another page that stated that the “coupon has expired” since there was no actual coupon.
Ways You Can Steer Clear of FlyTrap Trojan or Any Other Malicious Threats
Here’s how to keep yourself protected from being a victim of Flytrap Malware.
1. Use The Best Mobile Security App (Recommended Method)
It is advisable to install a reliable security solution on your device that’ll be able to track a wide range of vulnerabilities including trojan horse-like FlyTrap before it causes any further damage to your device. Here are some of the best anti-malware apps for Android.
Among the glut of options, we suggest using Smart Phone Cleaner, by Systweak Software. Now you must be wondering why an Android cleaning tool is recommended to you. Well, it’s a multipurpose utility, packed with tons of options to optimize, boost speed and protect your data and device. It has an incredible malware protection module that safeguards your Android device from impending viruses, adware, spyware, trojan horse, and other vulnerabilities. It is power-packed with advanced algorithms that are capable of automatically identifying and removing malicious threats, all thanks to its robust Real-time protection feature!
Here are some of its major highlights:
- Real-time protection from malicious threats.
- All apps are checked so that you don’t have a malicious application on your smartphone. This means it will check every app even if it is installed from the Google Play Store.
- You can schedule automatic scans daily/weekly .
- Hide user history to protect your browsing data.
- Quick & Deep scan modes that can root out even the most deeply ingrained malware from your smartphone
- Functionality to whitelist trusted apps.
- Tons of cleaning and optimization tools to remove junk files, duplicates, game speedup, battery saver, and more.
Download Smart Phone Cleaner
2. Don’t Click on Unknown Links
There are several kinds of malware that are being circulated via links that look very genuine as these are named after authentic apps. Don’t fall prey to these and click on them, no matter how genuine or enticing they might be.
3. Beware of Permissions That You Give To Apps
We have already talked a great deal about how you can manage Android app permissions. If you think that an app should not ask for a particular permission, you should not give that app permission. For example, a simple calculator app should not ask permission to access your camera. If it does, chances are it has some ulterior motives.
4. Be Careful of the Apps That You Download From Google Play Store
What glitters is not always gold. The FlyTrap Trojan put the garb of high-quality designs and sophisticated social engineering which is capable of deceiving anyone. So, even if you have the slightest doubt that the app can cause harm to your smartphone, don’t install it.
5. Your Social Media Account Is Yours Only
This means you should neither hand over your credentials such as username or password of your social media account to someone else nor you should let anyone access your social media account even if you have logged into it.
Wrapping Up
The motive of this blog is not just to make you aware of just one malicious threat, but to warn you against several such ongoing malware through which threat actors can hog onto your secure credentials. As users of any device or operating system, we need to be vigilant and look past just high-end graphics that might rope you into furnishing details. Also, you should be wary of the apps that prompt you to login into your social media accounts.
Leave a Reply