One more nugget of malware looking to get at your juicy data.
Here’s a fun science fact: the Venus fly trap lures its unsuspecting insect prey into its signature jaws by secreting a tantalizingly fragrant nectar from the red, fleshy part on the inside. A fly gets a whiff, buzzes in to investigate, and SNAP! Trapped and digested. It’s interesting to think about as a human, but when the same tactics are used on us to spread malware, it’s a lot less interesting and a lot more annoying.
Cybersecurity firm Zimperium has been spreading the word about a new strain of trojan malware that’s been infecting phones for several months now. This new trojan is named “FlyTrap,” and much like its namesake, it lures innocents in with the promise of tantalizing offers. By the estimates of Zimperium’s zLab mobile security team, FlyTrap has successfully infected over 10,000 devices in approximately 144 countries.
FlyTrap utilizes fake advertisements promising things like free Netflix accounts, coupons, and even tickets to sporting events. If you press the button, you’re prompted to “log in” with your Facebook credentials. These are quickly swiped, turning your Facebook account into a dummy to spread more malware ads to everyone on your friends list. The malware will also mine any connected devices for info like location data, email addresses, cookies, and IP addresses.
The Trojan — called “FlyTrap” by Zimperium researchers — has, since March, been able to spread through the “hijacking of social media, third-party app stores and side-loaded applications”.https://t.co/ekFVhdMEwH
— Sowetan LIVE (@SowetanLIVE) August 11, 2021
Google has removed any apps that are confirmed to be infected with FlyTrap from the Google Play Store, but those apps could still be circulated through third-party means. In order to keep yourself safe, never download any apps from third-party providers, don’t click on any ads (which you really shouldn’t be doing anyway), and only use your Facebook login credentials on the official Facebook app. You should also make sure to have an antivirus program running on your phone, and be mindful of what permissions you’re granting to your installed apps.