Groan….yes, another Android Trojan has hit mobiles in at least 140 countries, according to security agency Zimperium zlabs.
It said on its Site the Android Trojan named, “FlyTrap” was on since March 2021. It had spread to over 10,000 victims through social media hijacking, 3rd-party app stores, & sideloaded applications.
Zimperium’s zLabs mobile threat teams recently found several previously undetected applications using Zimperium’s z9 malware engine & on-device detection. Following their forensic investigation, the zLabs team determined this previously undetected malware was part of a family of Trojans that employed social engineering tricks to compromise Facebook accounts.
Forensic evidence of this active Android Trojan attack, said zLabs, pointed to malicious parties out of Vietnam.
What Can New Android Trojan Do?
The mobile application poses a threat to the victim’s social identity by hijacking their Facebook accounts via a Trojan infecting their Android device. The information collected from the victim’s Android device includes:
- Facebook ID
- Location
- Email address
- IP address
- Cookie & tokens associated with the Facebook account
These hijacked Facebook sessions can be used to spread the malware by abusing the victim’s social credibility through personal messaging with links to the Trojan, as well as propagating propaganda or disinformation campaigns using the victim’s geolocation details. These social engineering techniques are highly effective in the digitally connected world and are used often by cybercriminals to spread malware from one victim to another.
Image credit: zLabs
