New Delhi: Researchers have found new Android Trojans, nicknamed Flytrap, which can hijack user Facebook accounts in more than 140 countries by stealing Cookie sessions.
According to the Zlabs Zimperium cellular threat study team, since March 2021, malware has spread to more than 10,000 victims through social media piracy, third party application stores, and sideloaded applications.
Malware depends on simple social engineering tactics and tricks of victims to enter evil applications using their Facebook credentials.
The application then collects user data related to social media sessions.
How Android Malware Works Per Researchers, Flytrap uses a variety of cellular applications such as Netflix coupon codes, Google AdWords coupon codes, and vote for the best team or soccer players (football).
Originally available on Google Play and third-party stores, this application cheats users to download and trust applications with high-quality designs.
After the user installs the application then it will involve them and request a response to various questions.
This involvement continues until the user displays the Facebook login page.
Malware then asks for users to enter their Facebook account and vote to collect coupon or credit codes.
“All of this is just another trick to misleading users because there is no actual voting code or coupon.
Instead, the final screen tries to justify the fake coupon code by displaying a message stating that” coupons after expenditure, “said Zimperium.
After this, malware Then use Javascript injection to get access to the user’s Facebook ID, location, email address, and IP address.
Curian information is then transferred to the Flytrap server command and control.
Ziperium also said that he warned Google about three evil applications used to distribute Flytrap malware through Play Store.
Google then verifies research and removes malicious applications from the Play Store.
What Flytrap can be done on new Youthis Android malware can pose a threat to the user’s social identity by hijacking their Facebook account through Trojans infecting their Android device.
Malware then collects n Information such as Facebook ID, email address, location, IP address and cookies and tokens related to Facebook account.
The hijacked session can then be used to spread malware by misusing the victim’s social credibility through a personal messaging with a link to Trojan, and distributing propaganda or disinformation campaigns using the details of the victim’s geolocation.