Fakeapp Android Malware not just steals the Facebook credentials of the user but even search and collects the results, utilizing the search functionality of the Facebook Application.
Facebook is everyone’s favourite and indeed one of the prime targets for the attackers too! Hackers and cybercriminals have on multiple occasions, targeted Facebook, pertaining to its large user base.
The latest attack or campaign involves an android malware named “Fakeapp” which is phishing for the Facebook login credentials of the users. The malware has recently been discovered by the Symantec researchers. As per the researchers at Symantec, this application is being spread via malicious apps, which are targeting the English-speaking users on the third-party app stores. The majority of the victims are located in the regions of Asia-Pacific and this malware, while adopting an aggressive approach harvests the login credentials and other account details, directly from the device used by the user.
So, how does Fakeapp malware functions and hacks into your account?
The malicious android malware dubbed as “Android.Fakeapp” hides itself and does not appear on the home screen of the device being used. It initiates a service that continuously runs in the background, displaying a fake Facebook login screen in order to steal your Facebook credentials.
What is unusually different about this Android Malware and distinguishes it from many of the information-stealing Trojans for Android is that it not just harvests your login credentials and sends it to the attackers’ server but it also steals other information by logging in the compromised account from the victim’s device itself.
Following are the steps by which the Fakeapp Android Malware steals the details of the users from their Facebook Account:
What Symantec has to say about Fakeapp?
Martin Zhang and Shaun Aimoto, who have been involved in analyzing Fakeapp say:
“The functionality that crawls the Facebook page has a surprising level of sophistication. The crawler has the ability to use the search functionality on Facebook and collect the results. Additionally, to harvest information that is shown using dynamic web techniques, the crawler will scroll the page and pull content via Ajax calls.”
As per the researchers, the application does not seem to be involved in any of the money making operations but the purpose may seem to be more inclined towards building a data base of the people who would be of higher interest specifically for the attacker behind this campaign.
How can you stay protected?
Using best malware protection or any of the free malware removal tools can help you stay protected from any such malware that can steal your sensitive information and personal details. Apart from this, there are certain precautionary measures to adopt in order to prevent your computer system from getting infected.
Tips to prevent your computer system from getting infected –
Hits: 101
Subscribe to our newsletter today to receive updates on the Latest News and Threats.
Want to stay informed about the latest threats & malware? Sign up for our newsletter & learn how to get rid of all types of threats from your computer.