A new type of malware is spreading across the world and it can pose as the victim's Facebook account! The new FlyTrap malware abuses the victim's social media account to further spread the virus.
Learn more about the FlyTrap malware and how you can avoid falling victim to it.
FlyTrap Malware Attacking Android Users
The New FlyTrap malware is spreading through Android apps, affecting over 10,000 users in 144 countries, Cyber Security Connect said.
The malware has been around, attacking users since March 2021, said cybersecurity researchers Zimperium. It is part of the family of Trojans that use social engineering tricks to hijack Facebook accounts and spread the malicious apps to trap more victims.
It works and spreads by luring victims to download malicious applications. The apps offer incentives like Netflix codes or ask the victim to take part in a poll, Cyber Security Connect explained.
Once the app is downloaded to the device, it prompts the victim to log into Facebook. Having been "granted" access to the social media account, the malware not only steal the victim's data but pretends to be the victim and encourage others to download the malware too.
The hijacked Facebook accounts can exploit the victim’s social credibility by sending out personal messages containing the link to the Trojan, infecting other people with the malware too.
The malicious apps don't even look all that suspicious. Zimperium said the app tricks users into trusting and downloading it using high-quality designs and social engineering.
Following along with the abuse of trust, the hijacked social media accounts can exploit the victim's social credibility by sending out personal messages containing the link to the Trojan. The malware can also propagate disinformation campaigns using the victim's geolocation details.
Read Also: Worried Google Is Spying on You? Here Are 11 Browsers That Are More Private
As the app abuses social engineering techniques that are highly effective in earning the trust of users in this digitally connected world, it is able to spread quickly from one victim to another. Cybercriminals are well-aware of these techniques and use it to their full advantage.
These malicious actors can collect the victim's Facebook ID, location, e-mail address, IP address, as well as cookies and tokens associated with the Facebook account. With this information at their disposal, they can do just about anything with a little bit of digging and extracting.
If the victim's e-mail address is linked with any other accounts or profiles, it can try and hack those accounts as well. And if it so happens to be connected to a bank account, then it is even more dangerous for the victim.
Tips to Avoid Falling Victim to FlyTrap Malware Attacks
The most straightforward way to avoid being infected by the FlyTrap malware is to not download any apps that are not from the Google Play Store and are not from any reputable app developers.
Moreso, it is best to never log in to your accounts, social media, or otherwise, while on a third-party browser like what an app infected with the FlyTrap malware does. If an app or other website requires you to join or login to your Facebook to claim a prize, it is best to err in the side of caution and just avoid that app or website.
Avoid opening suspicious links, no matter how trusted the friend or family member who sent it to you is. Unless verified, that link might be infected and can harbor other types of malware that can be just as harmful.
Related Article: Joker Malware in Android: 11 Apps to Avoid in Google Play Store to Prevent Infection
