• This dangerous new Android trojan can hijack your Facebook account

    From TechnologyDaily@1337:1/100 to All on Tue Aug 10 18:30:04 2021
    This dangerous new Android trojan can hijack your Facebook account

    Date:
    Tue, 10 Aug 2021 17:08:30 +0000

    Description:
    Threat actors employ innovative tricks to hijack Facebook sessions of thousands of users from around the world.

    FULL STORY ======================================================================

    Cybersecurity researchers have unraveled a malicious campaign that tricked Android users with malicious apps in order to hijack their Facebook accounts.

    According to researchers at mobile security company Zimperium, the campaign managed to hoodwink over 10,000 users across 140 countries.

    "Forensic evidence of this active Android Trojan attack, which we have named FlyTrap, points to malicious parties out of Vietnam running this session hijacking campaign since March 2021. These malicious applications were initially distributed through both Google Play and third-party application stores," Zimperium's Aazim Yaswant wrote in a blog post detailing the campaign.

    Yaswant notes that the researchers were able to turn the tables on the threat actors and used vulnerabilities in their command and control (C2) servers to deconstruct the campaign. Worryingly, however, he notes that these vulnerabilities also expose the entire database of stolen details to anyone on the internet.

    Social engineering

    According to Yaswant, on the face of it, the FlyTrap campaign is a run-of-the-mill scam that deceives people into voluntarily giving up their Facebook credentials. It does this by luring them with free coupon codes for services such as Netflix, Google AdWords, and more.

    However, the malicious apps use the real Facebook single sign-on (SSO) service, which prevents them from harvesting users' credentials.

    The threat actors work around this problem by using a trick known as JavaScript injection to instead collect various other pieces of sensitive data associated with the Facebook session, including cookies and tokens.

    This allows them to effectively hijack the Facebook session, which they then use to spread the malware by running malicious campaigns through the Facebook user's network.

    Google has since removed the malicious apps from the Play Store after being alerted by Zimperium. However, the apps are still available on third-party app stores and can still be side-loaded.



    ======================================================================
    Link to news story: https://www.techradar.com/news/new-android-trojan-hijacks-facebook-accounts/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)