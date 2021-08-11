Thousands of Facebook accounts are hijacked by the Android malware FlyTrap.

According to a new research from mobile technology security company Zimperium, a new Android malware previously spread through apps published on the Google Play Store has affected more than 10,000 Facebook accounts across 144 countries since March.

According to Zimperium, the new malware known as FlyTrap was tracked to operators in Vietnam. It has already spread across hundreds of countries. According to reports, the infection is part of a family of Trojans that utilize social engineering to get access to Facebook accounts.

Malicious apps available on Google Play Store and third-party app shops were used to promote the hijacking effort at first. FlyTrap employed a variety of mobile apps that offered to give away “free Netflix coupon codes, Google AdWords coupon codes, and voting for the greatest football (soccer) team or player,” according to the firm’s cybersecurity analysts.

Before attempting to access users’ Facebook accounts, the malware “tried to fool users into downloading and trusting the application with high-quality designs and social engineering,” according to the business.

After receiving information from Zimperium, Google Play deleted the fraudulent apps.

GG Voucher (com.luxcarad.cardid), Vote European Football (com.gardenguides.plantingfree), GG Coupon Ads (com.free coupon.gg free coupon), GG Voucher Ads (com.m application.app moi 6), GG Voucher (com.free.voucher), Chatfuel (com.ynsuper.chatfuel), Net Coupon (com.free coupon), GG Vouch (com.euro2021).

These apps are said to jeopardize victims’ social identities by stealing their Facebook accounts using a Trojan that infects Android smartphones. The victim’s device is then scanned for information such as location, email address, IP address, Facebook ID, and tokens and certificates associated with the Facebook account.

Furthermore, by exploiting the owner’s social trustworthiness, bad actors can utilize hijacked Facebook sessions to disseminate malware. This is accomplished by utilizing the victim’s account to send personal messages including links to the malware. Hackers can potentially use the victim’s geolocation information to spread disinformation campaigns or propaganda.

Unfortunately, FlyTrap is just one of the active dangers that infect mobile devices in order to collect information.

Mobile endpoints are often the gold mine for login credentials for banking apps, social networking accounts, workplace tools, and a variety of other services.