flytrap malware

Cybersecurity Today – FlyTrap Malware Hacks Thousands of Facebook Accounts

2 Mins Read

PUREVPNIndustry NewsCybersecurity Today – FlyTrap Malware Hacks Thousands of Facebook Accounts

If you’re an Android user, there are apps available on the Google Play Store that have been stealing your Facebook credentials. A new Android malware, dubbed ‘FlyTrap’, has been found to compromise Facebook accounts of over 10,000 users in at least 144 countries.

The malware has been harvesting user credentials since March 2021 via fraudulent apps distributed through the Google Play Store and other third-party app marketplaces.

What is FlyTrap?

FlyTrap is a malware that employs social engineering tactics to breach a Facebook account. According to a report, the origins of the malware come from Vietnam.

Upon discovery, Google removed the malicious apps from its Play Store, but they are easily available on third-party app stores and websites. The list of apps is as follows –

  •       GG Voucher (com.luxcarad.cardid)
  •       Vote European Football (com.gardenguides.plantingfree)
  •       GG Coupon Ads (com.free_coupon.gg_free_coupon)
  •       GG Voucher Ads (com.m_application.app_moi_6)
  •       GG Voucher (com.free.voucher)
  •       Chatfuel (com.ynsuper.chatfuel)
  •       Net Coupon (com.free_coupon.net_coupon)
  •       Net Coupon (com.movie.net_coupon)
  •       EURO 2021 Official (com.euro2021)

How Does the Malware Work?

The malicious app has malware code injected into ordinary apps. It claimed to offer Netflix and Google AdWords coupon codes and allows users to vote for their preferred teams and players at UEFA EURO 2020, between 11 June and 11 July 2021.

To vote for their favourite teams and players, the app requires users to log in with their Facebook accounts to submit their vote or collect the coupon code.

When a user signs in to their Facebook account, the malware automatically jumps into action. FlyTrap steals the user’s Facebook ID, location, email address, IP address, and the cookies and tokens associated with the Facebook account.

Once it steals the victim’s data, it enables the malware to begin its malicious campaign. It uses the victim’s geolocation and other details to carry out social engineering attacks.

The only way to avoid this is to ensure that you download and install apps from original stores and do not link your social media accounts with the app.

author

PureVPN

date

November 24, 2022

time

1 year ago

PureVPN is a leading VPN service provider that excels in providing easy solutions for online privacy and security. With 6000+ servers in 65+ countries, It helps consumers and businesses in keeping their online identity secured.

Related Stories

VPN Use Surges in Sudan Due to Internet Ban

VPN Use Surges in Sudan Due to Internet Ban
Posted on April 19, 2024
‘Cheat Lab’ Tricks Gamers into Spreading Data-Stealing Malware

‘Cheat Lab’ Tricks Gamers into Spreading Data-Stealing Malware
Posted on April 19, 2024
TP-Link Routers Targeted by Botnets Exploiting One-Year-Old Vulnerability

TP-Link Routers Targeted by Botnets Exploiting One-Year-Old Vulnerability
Posted on April 18, 2024

Have Your Say!!

Join 3 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.

Get PureVPN