- #FACEBOOK SESSION EXPIRED 2020 ANDROID ANDROID#
- #FACEBOOK SESSION EXPIRED 2020 ANDROID CODE#
- #FACEBOOK SESSION EXPIRED 2020 ANDROID FREE#
“These social-engineering techniques are highly effective in the digitally connected world and are used often by cybercriminals to spread malware from one victim to another.” Then, the trojan uses victimized accounts to spread its tentacles, making it look like the rightful owners are sharing legitimate posts, zLabs researchers said: “These hijacked Facebook sessions can be used to spread the malware by abusing the victim’s social credibility through personal messaging with links to the Trojan, as well as propagating propaganda or disinformation campaigns using the victim’s geolocation details,” they wrote.
#FACEBOOK SESSION EXPIRED 2020 ANDROID ANDROID#
FlyTrap Gets BusyĪfter a bamboozled Android user forks over their Facebook credentials, the apps get busy slurping up details that include: Screen captures of FlyTrap’s Facebook credential-stealing operation.
#FACEBOOK SESSION EXPIRED 2020 ANDROID CODE#
They make a last-stab attempt to look legitimate by tossing up a message saying that the coupon or code expired “after redemption and before spending,” as shown in the screen captures below. Rather, the malicious apps are just after Facebook credentials.
#FACEBOOK SESSION EXPIRED 2020 ANDROID FREE#
There are, of course, no free Netflix or AdWords coupons or codes, and there’s no fav-football voting to be had. But first, before the malware apps dish out the promised goodies, targeted users are told to log in with their Facebook accounts to cast their vote or collect the coupon code or credits. The bad apps purport to offer Netflix and Google AdWords coupon codes, or to let users vote for their favorite teams and players at UEFA EURO 2020: The quadrennial European soccer championship that wrapped up on July 11 (delayed a year by COVID-19). “In this case, while the user is logging into their official account, the FlyTrap Trojan is hijacking the session information for malicious intent.” “Just like any user manipulation, the high-quality graphics and official-looking login screens are common tactics to have users take action that could reveal sensitive information,” zLabs researchers explained. They’re not only enticing they’re slick, too, with high-quality graphics – all the better to hide what they’re doing behind the scenes. The threat actors use a variety of come-ons: Free Netflix coupon codes, Google AdWords coupon codes, and voting for the best football/soccer team or player. GG Voucher Ads (com.m_application.app_moi_6).GG Coupon Ads (com.free_coupon.gg_free_coupon).They are, however, still being distributed on third-party, unsecured app stores, “highlighting the risk of sideloaded applications to mobile endpoints and user data,” Zimperium pointed out. For its part, Google Play removed the malicious apps after Zimperium zLabs gave it the heads-up.
The session-hijacking campaign was initially distributed via Google Play as well as third-party app stores.
The malware, which researchers have traced to operators working out of Vietnam, is part of a family of trojans that use social engineering to take over Facebook accounts, the researchers said. In a report posted on Monday, Zimperium’s zLabs mobile threat research teams wrote that FlyTrap has spread to at least 144 countries since March, via malicious apps distributed through Google Play store and third-party app marketplaces. Researchers have uncovered a new Android trojan, dubbed FlyTrap, that’s spread to more than 10,000 victims via rigged apps on third-party app stores, sideloaded apps and hijacked Facebook accounts.
0 kommentar(er)
