A trojan on Android has hacked thousands of Facebook accounts

A trojan on Android has hacked thousands of Facebook accounts

A trojan enabled a group of Vietnamese cybercriminals to seize over 100,000 Facebook accounts in over 144 countries. Victims were hit by clicking on fake coupons

(photo: Rafael Henrique / SOPA Images / LightRocket via Getty Images) Over 10,000 users in at least 144 countries have had their Facebook accounts compromised by a new Android Trojan that infects devices via fraudulent apps downloaded from the Google Play Store and other third-party app marketplaces.

The trojan, nicknamed FlyTrap, is part of a family of malware that use social engineering tricks to hack Facebook accounts of their victims. The use of FlyTrap, according to cybersecurity experts from Zimperium's zLabs, would be part of a session hijacking campaign orchestrated by a group of Vietnam-based cybercriminals.

“The forensic evidence of this active attack by a Android trojans, which we have called FlyTrap, indicate that malicious parties from Vietnam have been running this session hijacking campaign since March 2021 ", write the zLabs experts.

FlyTrap poses a threat to the social identity of the victim hijacking the Facebook account via a trojan that infects his Android device. The information collected from the victim's Android device includes the Facebook ID, location, email address, IP address, cookies and tokens associated with the Facebook account. Once hijacked, the victim's Facebook account can be used by attackers to further spread the malware by abusing the victim's social credibility through personal messages with links to the Trojan, as well as by distributing propaganda or disinformation campaigns using the victim's geolocation details.

Screenshot of the fake coupons used to infiltrate the trojan (image zLabs) To make the victim fall into the trap, the attackers use phishing techniques by inviting them to click on malicious links disguised as codes for free Netflix or Google coupons AdWords.

Although the Google Play Store has already removed malicious applications that mislead users, they are still available on third-party unsecured app store repositories. Furthermore, through Telegram, many groups share links to the aforementioned coupons unaware of being part of a trojan dissemination system.

As always, in these cases, Wired's advice is to be wary of unknown links, even if also sent by trusted people, who promise free promotions to access subscription services.




Social Network - 1 hour ago

Instagram Shops starts testing product advertisements


Microsoft Exchange is in the sights of cybercriminals again


The ultimatum given to the Lazio Region by cybercriminals has expired (without consequences)

Topics

Cybersecurity Facebook Social Network globalData.fldTopic = "Cybersecurity , Facebook, Social Network "

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.




Powered by Blogger.