According to Tech Times, FlyTrap Malware has hit over 10,000 Android users worldwide. And the infection is spreading fast.
This new trojan malware infects smartphones by stealing personal data and compromising Facebook accounts. The malware is primarily used to steal personal data spontaneously. But it can be even more dangerous when used to facilitate larger-scale ransomware deployment on specific targets.
In the past, you could change your password on a social media website or have two-factor authentication for protection against threat actors. But this doesn’t work if your device is already infected with the malware.
According to a recent report published by cybersecurity firm Zimperium’s zLab mobile security team, when activated FlyTrap collects personal information.
Then hackers hijack the user’s Facebook account. They use transport layer security (TLS) to avoid detection. And send phishing links to your contacts via posts and direct messages. Or send them infected links which hide other dangerous malware.
Origin of FlyTrap Malware
FlyTrap Malware originated with threat actors that operate in Vietnam. The hacker gang distributes the malware in a variety of ways. This includes through the Google Play Store using apps the group created and published. And it can also be downloaded from other third-party Android app stores.
The hacker gang also launches attacks embedded in fake ads which promise free Netflix codes and Google AdWords coupons. When a victim engages with the ad, the app requests they log in with a Facebook account to claim the free codes or coupons. Then they learn that the offer has “expired”.
FlyTrap spreads quickly to multiple users through what looks like legitimate links and apps.
While the malware is mostly being used to steal personal data at the moment, it could also be employed in more nefarious ways, such as to facilitate a large-scale ransomware deployment.
How to keep yourself safe from FlyTrap
When zLabs notified Google about FlyTrap they removed the malicious apps from the Play Store. Those apps are no longer active on any devices that installed them. But they are believed to still be active on third-party websites.
Malicious ads still live and remain active in the wild. Android users need to take precautions to avoid FlyTrap malware. Here are six quick tips to protect your devices.
- Use anti-malware and antivirus apps. Scan new apps for known threats before downloading. This will also help spot infected devices to remove malware.
- Do not allow unknown apps unnecessary permissions. Less engagement equals an extra layer of protection.
- Never download an unknown app. Even apps from the Google Play Store can be infected. Carefully vet anything you download.
- Never click on an unknown link. And free offers are often scams. Watch out for phishing or similar online scammer techniques.
- Never share your Facebook account information with anyone. Do not trust third-party apps.
- Only log into Facebook (and other social media) through the official website for the login page. Do not respond to prompts from an ad, unknown email, or unrelated app.