Table of Contents

How To Avoid Falling Prey To FlyTrap Malware
How To /

How To Avoid Falling Prey To FlyTrap Malware

Various kinds of Malware are looming around freely and threat actors seem to be feasting on unsuspecting users using the various kinds of malware. So much so that they are not leaving any device from their clutches.

Here we are going to talk about a recent Android Trojan that has been codenamed FlyTrap that has been active since March 2021. It has reportedly compromised the Facebook accounts of over 10,000 users across 144 countries.

In this blog, we’ll also have a look at how this Malware has been able to accomplish its malicious intent and what you as a user can do to stay away from such Malware.

How Did FlyTrap Malware Compromise Facebook Accounts

As reported by Zimperium researchers, the threat was disguised and circulated with the help of several themes that tricked users into downloading the application.

These themes included Google AdWords coupon codes, Netflix coupon codes and even voting for the best soccer player or team.

The look and feel of the applications were so genuine and attractive that they tricked users into downloading such applications after which hackers were able to hack into users’ Facebook accounts.

More specifically, FlyTrap first took users to a legitimate-looking sign-in page. It then used JavaScript injection to gain users’ Facebook credentials such as Facebook ID, Location, Email Address, IP address, and even cookies associated with the Facebook account.

FlyTrap – Modus Operandi

After a user installed an application, the subsequent pages prompted users to give a response as mentioned in the screenshots below. The engagement reached a point where a user had to furnish the Facebook login credentials to further act (For instance, get a Netflix coupon). And, once the user entered the credentials, he or she was taken to another page that stated that the “coupon has expired” since there was no actual coupon.

Source: zimperium

Ways You Can Steer Clear of FlyTrap Trojan or Any Other Malicious Threat

1. Use An Anti-malware App

It is advisable to install a reliable anti-malware or antivirus app that’ll be able to track a Trojan like FlyTrap before it causes any further damage to your device. Here are some of the best anti-malware apps for Android.

Systweak Anti-Malware is one of the best antivirus apps for Android that protects your Android smartphone from impending viruses. It is power-packed with advanced algorithms that are capable of automatically identifying and removing malicious threats.

Remove malware

Here are some of its best features:

  • Real-time protection from malicious threats
  • All apps are checked so that you don’t have a malicious application on your smartphone. This means it will check every app even if it is installed from Google Play Store
  • You can schedule scans daily/ weekly
  • Multiple scanning modes that can root out even the most deeply ingrained malware from your smartphone
  • Functionality to whitelist trusted apps

Scan result

Download Systweak Anti-Malware

2. Don’t Click on Unknown Links

There are several kinds of malware that are being circulated via links that look very genuine as these are named after authentic apps. Don’t fall prey to these and click on them, no matter how genuine or enticing they might be.

3. Beware of Permissions That You Give To Apps

We have already talked a great deal about how you can manage Android app permissions. If you think that an app should not ask for a particular permission, you should not give that app permission. For example, a simple calculator app should not ask permission to access your camera. If it does, chances are it has some ulterior motives.   

4. Be Careful of the Apps That You Download From Google Play Store

What glitters is not always gold. The FlyTrap Trojan put the garb of high-quality designs and sophisticated social engineering which is capable of deceiving anyone. So, even if you have the slightest doubt that the app can cause harm to your smartphone, don’t install it.

5. Your Social Media Account Is Yours Only

This means you should neither hand over your credentials such as username or password of your social media account to someone else nor you should let anyone access your social media account even if you have logged into it.

Wrapping Up

The motive of this blog is not just to make you aware of just one malicious threat, but to warn you against several such ongoing malware through which threat actors can hog onto your secure credentials. As users of any device or operating system, we need to be vigilant and look past just high-end graphics that might rope you into furnishing details. Also, you should be wary of the apps that prompt you to login into your social media accounts.

Releted Topics

Leave a Reply

Your email address will not be published. Required fields are marked *