Table of Contents
Various kinds of Malware are looming around freely and threat actors seem to be feasting on unsuspecting users using the various kinds of malware. So much so that they are not leaving any device from their clutches.
Here we are going to talk about a recent Android Trojan that has been codenamed FlyTrap that has been active since March 2021. It has reportedly compromised the Facebook accounts of over 10,000 users across 144 countries.
In this blog, we’ll also have a look at how this Malware has been able to accomplish its malicious intent and what you as a user can do to stay away from such Malware.
How Did FlyTrap Malware Compromise Facebook Accounts
As reported by Zimperium researchers, the threat was disguised and circulated with the help of several themes that tricked users into downloading the application.
The Android Trojan, FlyTrap, has impacted over 10,000 victims in 144 countries but Zimperium customers are protected from this malware. #WeSecureMobile #FlyTrap #AndroidTrojanhttps://t.co/7qxI8cqydq pic.twitter.com/PXR8gm8C4J
— ZIMPERIUM (@ZIMPERIUM) August 10, 2021
These themes included Google AdWords coupon codes, Netflix coupon codes and even voting for the best soccer player or team.
The look and feel of the applications were so genuine and attractive that they tricked users into downloading such applications after which hackers were able to hack into users’ Facebook accounts.
FlyTrap – Modus Operandi
After a user installed an application, the subsequent pages prompted users to give a response as mentioned in the screenshots below. The engagement reached a point where a user had to furnish the Facebook login credentials to further act (For instance, get a Netflix coupon). And, once the user entered the credentials, he or she was taken to another page that stated that the “coupon has expired” since there was no actual coupon.
Ways You Can Steer Clear of FlyTrap Trojan or Any Other Malicious Threat
1. Use An Anti-malware App
It is advisable to install a reliable anti-malware or antivirus app that’ll be able to track a Trojan like FlyTrap before it causes any further damage to your device. Here are some of the best anti-malware apps for Android.
Systweak Anti-Malware is one of the best antivirus apps for Android that protects your Android smartphone from impending viruses. It is power-packed with advanced algorithms that are capable of automatically identifying and removing malicious threats.
Here are some of its best features:
- Real-time protection from malicious threats
- All apps are checked so that you don’t have a malicious application on your smartphone. This means it will check every app even if it is installed from Google Play Store
- You can schedule scans daily/ weekly
- Multiple scanning modes that can root out even the most deeply ingrained malware from your smartphone
- Functionality to whitelist trusted apps
Download Systweak Anti-Malware
2. Don’t Click on Unknown Links
There are several kinds of malware that are being circulated via links that look very genuine as these are named after authentic apps. Don’t fall prey to these and click on them, no matter how genuine or enticing they might be.
3. Beware of Permissions That You Give To Apps
We have already talked a great deal about how you can manage Android app permissions. If you think that an app should not ask for a particular permission, you should not give that app permission. For example, a simple calculator app should not ask permission to access your camera. If it does, chances are it has some ulterior motives.
4. Be Careful of the Apps That You Download From Google Play Store
What glitters is not always gold. The FlyTrap Trojan put the garb of high-quality designs and sophisticated social engineering which is capable of deceiving anyone. So, even if you have the slightest doubt that the app can cause harm to your smartphone, don’t install it.
5. Your Social Media Account Is Yours Only
This means you should neither hand over your credentials such as username or password of your social media account to someone else nor you should let anyone access your social media account even if you have logged into it.
The motive of this blog is not just to make you aware of just one malicious threat, but to warn you against several such ongoing malware through which threat actors can hog onto your secure credentials. As users of any device or operating system, we need to be vigilant and look past just high-end graphics that might rope you into furnishing details. Also, you should be wary of the apps that prompt you to login into your social media accounts.