In May, the personal data of more than half a billion Facebook users was available for free download on an online hacking forum. EPA
In May, the personal data of more than half a billion Facebook users was available for free download on an online hacking forum. EPA
In May, the personal data of more than half a billion Facebook users was available for free download on an online hacking forum. EPA
In May, the personal data of more than half a billion Facebook users was available for free download on an online hacking forum. EPA

Business

Technology

New Android malware compromises 10,000 Facebook accounts in 140 countries

Malicious software collected confidential data such as a user's Facebook ID, location, email address and the intellectual property details of their device

Alkesh Sharma
Alkesh Sharma

August 10, 2021

  • English
  • Arabic

New malware called FlyTrap has compromised more than 10,000 Facebook accounts in about 140 countries since March, according to a new report.

FlyTrap has penetrated accounts through various tactics such as social media breaching, third-party app stores and malicious apps, according to US-based security company Zimperium. The malicious software primarily targeted victims using Google’s Android mobile operating system.

Zimperium’s zLabs mobile threat research team said its forensic evidence of this active attack points to malicious parties in Vietnam.

“These malicious applications were initially distributed through both Google Play and third-party application stores,” Zimperium said.

After the first detection, it reported the findings to Alphabet-owned Google, which verified the research findings and removed the malicious applications from the Google Play store.

“However, the malicious applications are still available on third-party, unsecured app repositories … highlighting the risk of side-loaded applications to mobile endpoints and user data,” the company said.

“The mobile application poses a threat to the victim’s social identity by hijacking their Facebook accounts via a Trojan [horse] infecting their Android device.”

The information collected from the victim’s Android device includes their Facebook ID, location, email address, intellectual property details of the device and other personal information associated with the Facebook account.

Facebook and Google did not respond to The National's request for comments.

How FlyTrap works?

The threat actors use several themes that users would find appealing such as free Netflix coupon codes, Google AdWords coupon codes and voting for the best football or cricket player.

“Initially available in Google Play and third-party stores, the [malicious] application tricked users into downloading and trusting it with high-quality designs and social engineering … after installation, the malicious application displays pages that engage the user and asks for a response from them,” Zimperium said.



MATCH INFO

Real Madrid 3 (Kroos 4', Ramos 30', Marcelo 37')

Eibar 1 (Bigas 60')

How%20to%20avoid%20getting%20scammed
%3Cul%3E%0A%3Cli%3ENever%20click%20on%20links%20provided%20via%20app%20or%20SMS%2C%20even%20if%20they%20seem%20to%20come%20from%20authorised%20senders%20at%20first%20glance%3C%2Fli%3E%0A%3Cli%3EAlways%20double-check%20the%20authenticity%20of%20websites%3C%2Fli%3E%0A%3Cli%3EEnable%20Two-Factor%20Authentication%20(2FA)%20for%20all%20your%20working%20and%20personal%20services%3C%2Fli%3E%0A%3Cli%3EOnly%20use%20official%20links%20published%20by%20the%20respective%20entity%3C%2Fli%3E%0A%3Cli%3EDouble-check%20the%20web%20addresses%20to%20reduce%20exposure%20to%20fake%20sites%20created%20with%20domain%20names%20containing%20spelling%20errors%3C%2Fli%3E%0A%3C%2Ful%3E%0A
Red flags
  • Promises of high, fixed or 'guaranteed' returns.
  • Unregulated structured products or complex investments often used to bypass traditional safeguards.
  • Lack of clear information, vague language, no access to audited financials.
  • Overseas companies targeting investors in other jurisdictions - this can make legal recovery difficult.
  • Hard-selling tactics - creating urgency, offering 'exclusive' deals.

Courtesy: Carol Glynn, founder of Conscious Finance Coaching

UAE currency: the story behind the money in your pockets
WOMAN AND CHILD

Director: Saeed Roustaee

Starring: Parinaz Izadyar, Payman Maadi

Rating: 4/5

On Women's Day
DUNGEONS%20%26%20DRAGONS%3A%20HONOR%20AMONG%20THIEVES
%3Cp%3EDirectors%3A%20John%20Francis%20Daley%20and%20Jonathan%20Goldstein%3Cbr%3EStars%3A%20Chris%20Pine%2C%20Michelle%20Rodriguez%2C%20Rege-Jean%20Page%2C%20Justice%20Smith%2C%20Sophia%20Lillis%3Cbr%3ERating%3A%203%2F5%3C%2Fp%3E%0A
Roger Federer's record at Wimbledon

Roger Federer's record at Wimbledon

1999 - 1st round

2000 - 1st round

2001 - Quarter-finalist

2002 - 1st round

2003 - Winner

2004 - Winner

2005 - Winner

2006 - Winner

2007 - Winner

2008 - Finalist

2009 - Winner

2010 - Quarter-finalist

2011 - Quarter-finalist

2012 - Winner

2013 - 2nd round

2014 - Finalist

2015 - Finalist

2016 - Semi-finalist

Updated: August 10, 2021, 6:34 AM`
FacebookGoogleUS