SECURITY researchers have warned of at least nine dodgy Androids apps that hand hackers access to your online accounts.
If downloaded, the apps grant cyber crooks access to your Facebook, WhatsApp and Instagram accounts, experts said this week.
2
The team at Texas-based Zimperium’s zLabs exposed the spyware in a report published Wednesday.
They said the apps, which are loaded with malicious software “Flytrap”, lure victims in with false promises of free coupon codes and football polls.
Flytrap typically infects phones by hiding inside otherwise innocuous-looking apps, they said.
Once inside, the malware hijacks any Facebook accounts stored on the device.
From here, hackers can collect personal information including your Facebook ID, location, email address and more.
According to Zimperium, FlyTrap has hit at least 140 countries since March 2021 and has spread to over 10,000 victims.
It largely targeted people through social media hijacking, third-party app stores, and sideloaded applications.
Google has removed them from its official app store but they’re still available on third-party websites.
Trojan apps found by researchers
Here are the dodgy apps uncovered by the team…
- GG Voucher
- Vote European Football
- GG Coupon Ads
- GG Voucher Ads
- GG Voucher
- Chatfuel
- Net Coupon
- Net Coupon
- EURO 2021 Official
They’re already on the phones of thousands of people, who are being urged by the researchers to delete the dodgy downloads as soon as possible.
“The zLabs team determined this previously undetected malware is part of a family of Trojans that employ social engineering tricks to compromise Facebook accounts,” researchers wrote.
“Forensic evidence of this active Android Trojan attack, which we have named FlyTrap, points to malicious parties out of Vietnam running this session hijacking campaign since March 2021.
“These malicious applications were initially distributed through both Google Play and third-party application stores.
“Zimperium zLabs reported the findings to Google, who verified the provided research and removed the malicious applications from the Google Play store.
“However, the malicious applications are still available on third-party, unsecured app repositories, highlighting the risk of sideloaded applications to mobile endpoints and user data.”
2
Best Phone and Gadget tips and hacks
Looking for tips and hacks for your phone? Want to find those secret features within social media apps? We have you covered…
North Korean hackers which ‘rival the CIA’ stole $2 billion in cyberattacks, UN report finds
In other news, nine apps have had to be removed from the Google Play Store after they were caught stealing Facebook passwords.
Facebook is facing backlash in the US over plans to create a version of Instagram for children under 13.
And, influencers who don’t clearly state if they’ve edited photos which are advertisements could be fined or imprisoned in Norway due to a new law.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at [email protected]
This post first appeared on Thesun.co.uk
