New FlyTrap Android Malware Affects Thousands of Devices

Mobile security researchers have uncovered a new mobile malware making the rounds. The malware has been dubbed FlyTrap and affects Android devices.

According to reports, over 10 thousand devices have had FlyTrap deployed on them, with victims in nearly 150 different countries all over the globe. The report detailing the malware comes from zLabs - a branch of mobile security firm Zimperium.

The malware was spotted in both applications that were on the Google Play Store and on third-party app depots. The infected app packages have been promptly taken down from the Play Store, following zLabs' notification sent to Google. Curiously, researchers have traced the mobile malware back to a group of bad actors based in southern Asia, specifically in Vietnam.

The malware acts as a Trojan and uses recognizable social engineering tricks to pull off Facebook account takeovers. The way FlyTrap works is, it displays innocent-looking ads in the malicious apps, including ads for coupons or innocuous-looking voting games and polls. Researchers also noted that all banners and buttons related with the malware were produced to a high visual and quality standard, lending further credibility to the scheme.

The buttons and links ask users to log into their Facebook accounts, while FlyTrap hijacks the information input and essentially gains access to the account.

A final curious detail about the malicious campaign is that even after victims feed their Facebook credentials to the hackers, the apps display one last message, saying the fake Netflix coupon or other dangled bait is now expired. This probably adds a further edge of fake legitimacy to the whole campaign.

To make matters worse, researchers discovered that the servers the bad actors behind FlyTrap use are misconfigured and can be hacked into and expose all stolen accounts and credentials to other threat actors or "anyone on the internet".

Here is a list of application names and associated domains that are known to contain FlyTrap, as published by zLabs:

GG Voucher (com.luxcarad.cardid)

Vote European Football (com.gardenguides.plantingfree)

GG Coupon Ads (com.free_coupon.gg_free_coupon)

GG Voucher Ads (com.m_application.app_moi_6)

GG Voucher (com.free.voucher)

Chatfuel (com.ynsuper.chatfuel)

Net Coupon (com.free_coupon.net_coupon)

Net Coupon (com.movie.net_coupon)

EURO 2021 Official (com.euro2021)

By Zaib
August 10, 2021
Computer Security
English
August 10, 2021
Computer Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

Computer Security

Flubot Malware Infecting Android Mobile Devices

Owners of Android mobile devices, phones in particular, living in the UK have recently been targeted by a new malware campaign. The malware in question is called Flubut and acts as spyware. Flubot is being... Read more

April 27, 2021
Malware, Trojan

FakeChat Malware Steals Financial Data from Android Devices

The FakeChat Malware is a dangerous banking Trojan seeking to compromise Android mobile devices. The malware was initially spread throughout Spain, but recent attack campaigns have reached other European countries... Read more

April 30, 2021
Malware

XCodeGhost Malware on iOS Devices

XCodeGhost is the name of a modified, malicious version of Apple's official XCode development environment that is used for creating and publishing mobile iOS applications. XCodeGhost was first discovered back in 2015... Read more

May 24, 2021
English
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.