How to prevent the Android ‘FlyTrap’ Malware from getting caught

by -
Image: Fit Ztudio (Shutterstock) – Over 10,000 people globally are hacked and FlyTrap is spreading rapidly.

Beware, Android users – A new Trojan infection contains devices throughout the world has stolen thousands of users’ personal data.

The latest Trojan, called FlyTrap, has infected more than 10,000 devices in at least 144 countries, according to a recent study from cyber security company Zimperium’s ZLab Mobile Security Team Once activated on a device, personal information like: can be collected once:

  • Data for location.
  • IP addresses. IP adresses.
  • Addresses for email.
  • Cookies, Facebook IDs, login tokens, etc.

The hackers can then secure their Facebook account for sending further phishing links via direct messages and posts to the user’s connections or sending them URLs containing more even worse malware.

Examples of the fake FlyTrap couponsScreenshot: Zimperium

The zLabs researchers tracked FlyTrap back to a known Vietnamese malware gang that spreads malware in a wide range of methods, including using the group’s Google Play Store and other Android app stores applications. The group is now published.

The hackers also attack through bogus advertising, which promises to offer free Netflix vouchers, Google AdWords discounts or even football match tickets. When a user uses the ad, the app will request the user to log in and request a free offer from their Facebook account — so that the “deal” only has expired.

How the FlyTrap trojan gets users to the Facebook login pageScreenshot: Zimperium

Note that these counterfeit adverts do not use false login pages to collect anybody’s account information. On the contrary, advertising use Javascript injection to collect personal Facebook data, a way that works even despite the official Facebook login page—or any website’s login page.

And therefore FlyTrap is such a threat: through seeming genuine links and programs it may swiftly spread to many people. Although the virus is now primarily used to steal personal data, it may potentially be used more disastrously to allow large-scale distribution of ransomware.

How to protect yourself against the trojan FlyTrap

In reaction to the zLabs investigation, Google already deleted dangerous applications from the Play Store and apps are no longer operational on any device that has them installed. They may, however, still be available on websites of third parties. Neither the problematic applications are, however, specifically identified in the report of Zimperium.

The harmful adverts are still active in the open, therefore users of Android must make sure their devices stay secure. Here are a few fast tips:

  • Use anti-malware and antivirus programs that can assist affected users identify and delete malware, to scan new apps that you want to install on the most common dangers before you download.
  • Do not allow superfluous applications.
  • Even from the Google Play Store, don’t download unfamiliar apps and completely scan programs you install.
  • Don’t click on unfamiliar links and take care of offers and such tactics of internet fraud “too good to true.”
  • Do not provide any individual or third-party apps your Facebook account details.
  • Login through official app or website to Facebook (and other social media), and don’t ever get an advertisement, email or irrelevant app.