• Cryptocurrency
  • Earnings
  • Enterprise
  • About TechBooky
  • Submit Article
  • Advertise Here
  • Contact Us
TechBooky
  • African
  • AI
  • Metaverse
  • Gadgets
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
  • African
  • AI
  • Metaverse
  • Gadgets
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
TechBooky
Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Home Security

Cybersecurity: A New Android Malware “FlyTrap” Revealed

Olagoke Ajibola by Olagoke Ajibola
August 10, 2021
in Security
Share on FacebookShare on Twitter

 

A new Android Trojan has been identified by a cybersecurity firm called Zimperium. Zimperium is an advanced mobile security platform focused on helping its customers detect mobile device threats. Zimperium revealed that FlyTrap a new Android Malware has compromised thousands of Facebook accounts. Android Trojan has hit about 10,000 victims across 140 countries since March. The cybersecurity company claims the new malware campaign spread through social media hijacking, third-party app stores, and side-loaded applications. The company dubbed this malware FlyTrap and said that until recently it was listed on the official Google Play Store.

Zimperium research teams first identified the malware and figured out that it uses social engineering tricks to compromise Facebook accounts. The malware hijacks social media accounts by firstly infecting Android devices, allowing attackers to collect information like Facebook ID, location, email address, and IP address from victims, as well as cookies and tokens tied to users’ Facebook account. According to a report published by Zimperium, FlyTrap is believed to be an undocumented malware that is part of a family of Trojans which employ extreme social engineering tricks to breach Facebook accounts as part of a session hijacking campaign orchestrated by malicious actors operating from Vietnam and shared with The Hacker News.

Although Google Play has since pulled out the nine offending applications said Aazim Yashwant a Zimperium malware researcher, they continue to be available in third-party app stores. This continues to “highlighting the risk of sideloaded applications to mobile endpoints and user data”. He highlighted the list of apps as follows –

  • GG Voucher (com.luxcarad.cardid)
  • Vote European Football (com.gardenguides.plantingfree)
  • GG Coupon Ads (com.free_coupon.gg_free_coupon)
  • GG Voucher Ads (com.m_application.app_moi_6)
  • GG Voucher (com.free.voucher)
  • Chatfuel (com.ynsuper.chatfuel)
  • Net Coupon (com.free_coupon.net_coupon)
  • Net Coupon (com.movie.net_coupon)
  • EURO 2021 Official (com.euro2021)

The malicious apps claim to offer Netflix and Google AdWords coupon codes and let users vote for their favorite teams and players at UEFA EURO 2020, which took place between 11 June and 11 July 2021. The malicious app utilizes this social engineering method under the condition that users log in with their Facebook accounts to cast their vote, or collect the coupon code or credits. Once everything is entered, the app takes victims to a screen that says the coupon has already expired. The malware is equipped to steal the victim’s Facebook ID, location, email address, IP address, and the cookies and tokens associated with the Facebook account instantly, thus enabling the threat actor to carry out disinformation campaigns using the victim’s geolocation details or propagate the malware further via social engineering techniques by sending personal messages containing links to the Trojan.

“These social engineering techniques are highly effective in the digitally connected world and are used often by cybercriminals to spread malware from one victim to another.  Says Zimperium malware researcher. The researchers further explained that the malware uses a technique called “JavaScript injection”, which allows the app to open legitimate URLs inside a “WebView configured with the ability to inject JavaScript code.” The app then extracts information like cookies, user account details, location, and IP address by injecting malicious JS code.

Zimperium suggests Android users find ways to check if any applications on their device have FlyTrap and noted that these breached accounts could be used as a botnet for other purposes like boosting the popularity of certain pages or sites. He added “FlyTrap is just one example of the ongoing, active threats against mobile devices aimed at stealing credentials. Mobile endpoints are often treasure troves of unprotected login information to social media accounts, banking applications, enterprise tools, and more,” said Zimperium researcher.

Related Posts:

  • Microsoft Teams
    Microsoft Teams Vulnerability Exposes User Systems
  • phishing
    Google's Email Cloaking Could be a Defence Against…
  • Facebook data sharing
    Step By Step Guide On How To Delete Your Personal…
  • Explained_-What-is-the-Toll-Fraud-malware-how-it-attacks-Android-devices-and-how-to-protect-yourself
    Microsoft Warns Of A Dangerous Android Malware…
  • th
    2FA Alert: Gmail, Outlook, Facebook, and X Users at Risk
  • ORJAL4DYNFOR3K2HJT2YITAO6Q
    Meta Warns of WhatsApp Security Threat
  • 1
    Top 5 websites to buy Facebook accounts
  • Jessie Kipf (1)
    Investigating the Intriguing Story of How the FBI…

Discover more from TechBooky

Subscribe to get the latest posts sent to your email.

Tags: AndriodappfacebookFlyTrapmalwaremobileZimperium
Olagoke Ajibola

Olagoke Ajibola

Olagoke Ajibola is a creative writer and content producer with an eye for details and excellence. He has a demonstrated history of telling stories for TV, Film and Online. Aside from being fascinated by the power of imagination, his other interest are travel, sport, reading and meeting people.

BROWSE BY CATEGORIES

Select Category

    Receive top tech news directly in your inbox

    subscription from
    Loading

    Freshly Squeezed

    • AI Helps Google One Reach 150 Million Subscribers May 16, 2025
    • FT Lists Paymenow, TymeBank & Omnisient Among Africa’s Fastest-Growing Firms May 16, 2025
    • MoonPay and Mastercard Partner to Advance Stablecoin Payments May 16, 2025
    • Google Gemini Advanced Users Can Now Link to GitHub May 16, 2025
    • TikTok Accused of Violating EU Internet Content Rules May 15, 2025
    • Activists and Users Criticize NCC & Telcos Over Customer Penalties May 15, 2025

    Browse Archives

    May 2025
    MTWTFSS
     1234
    567891011
    12131415161718
    19202122232425
    262728293031 
    « Apr    

    Quick Links

    • About TechBooky
    • Advertise Here
    • Contact us
    • Submit Article
    • Privacy Policy

    Recent News

    AI Helps Google One Reach 150 Million Subscribers

    AI Helps Google One Reach 150 Million Subscribers

    May 16, 2025
    FT Lists Paymenow, TymeBank & Omnisient Among Africa’s Fastest-Growing Firms

    FT Lists Paymenow, TymeBank & Omnisient Among Africa’s Fastest-Growing Firms

    May 16, 2025
    MoonPay and Mastercard Partner to Advance Stablecoin Payments

    MoonPay and Mastercard Partner to Advance Stablecoin Payments

    May 16, 2025
    Google Gemini Advanced Users Can Now Link to GitHub

    Google Gemini Advanced Users Can Now Link to GitHub

    May 16, 2025
    TikTok Accused of Violating EU Internet Content Rules

    TikTok Accused of Violating EU Internet Content Rules

    May 15, 2025
    Activists and Users Criticize NCC & Telcos Over Customer Penalties

    Activists and Users Criticize NCC & Telcos Over Customer Penalties

    May 15, 2025
    • Login

    © 2021 Design By Tech Booky Elite

    Generic selectors
    Exact matches only
    Search in title
    Search in content
    Post Type Selectors
    • African
    • Artificial Intelligence
    • Gadgets
    • Metaverse
    • Tips
    • About TechBooky
    • Advertise Here
    • Submit Article
    • Contact us

    © 2021 Design By Tech Booky Elite

    Discover more from TechBooky

    Subscribe now to keep reading and get access to the full archive.

    Continue reading

    We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.Ok