Android Malware Named “Fakeapp” Snitches Facebook Credentials

Fakeapp Android Malware not just steals the Facebook credentials of the user but even search and collects the results, utilizing the search functionality of the Facebook Application.

Facebook is everyone’s favourite and indeed one of the prime targets for the attackers too! Hackers and cybercriminals have on multiple occasions, targeted Facebook, pertaining to its large user base.

The latest attack or campaign involves an android malware named “Fakeapp” which is phishing for the Facebook login credentials of the users. The malware has recently been discovered by the Symantec researchers. As per the researchers at Symantec, this application is being spread via malicious apps, which are targeting the English-speaking users on the third-party app stores. The majority of the victims are located in the regions of Asia-Pacific and this malware, while adopting an aggressive approach harvests the login credentials and other account details, directly from the device used by the user.

So, how does Fakeapp malware functions and hacks into your account?

The malicious android malware dubbed as “Android.Fakeapp” hides itself and does not appear on the home screen of the device being used. It initiates a service that continuously runs in the background, displaying a fake Facebook login screen in order to steal your Facebook credentials.

What is unusually different about this Android Malware and distinguishes it from many of the information-stealing Trojans for Android is that it not just harvests your login credentials and sends it to the attackers’ server but it also steals other information by logging in the compromised account from the victim’s device itself.

Following are the steps by which the Fakeapp Android Malware steals the details of the users from their Facebook Account:

• First, it will check for its aimed Facebook Account by submitting the IEMI (International Mobile Equipment Identity) number of the device, it is targeting to the Command and Control (C&C) server.
• If none of the accounts can be collected from the device, it verifies the installation of the app on the targeted device.
• Then, a spoofed Facebook login user interface (UI) is launched by the application in order to steal the user credentials.
• The Login UI is often displayed until the credentials of the targeted user have been successfully collected.

What Symantec has to say about Fakeapp?

Martin Zhang and Shaun Aimoto, who have been involved in analyzing Fakeapp say:

“The functionality that crawls the Facebook page has a surprising level of sophistication.  The crawler has the ability to use the search functionality on Facebook and collect the results. Additionally, to harvest information that is shown using dynamic web techniques, the crawler will scroll the page and pull content via Ajax calls.”

As per the researchers, the application does not seem to be involved in any of the money making operations but the purpose may seem to be more inclined towards building a data base of the people who would be of higher interest specifically for the attacker behind this campaign.

How can you stay protected?

Using best malware protection or any of the free malware removal tools can help you stay protected from any such malware that can steal your sensitive information and personal details. Apart from this, there are certain precautionary measures to adopt in order to prevent your computer system from getting infected.

Tips to prevent your computer system from getting infected –

1. Keeping the Operating System Updated- In order to remain protected and avoid such infections, it is recommended to keep your Operating System updated by enabling the automatic update on your system. The systems with outdated or older versions of Operating System become an easy target for the attackers.
2. Resist clicking on spam emails – One of the major techniques used for malware distribution is forwarding spam emails to the user. The system gets infected as soon as the user clicks on the attachment. These mails appear to be genuine, so be aware and resist falling for these tricks.
3. Keep an eye on third party installations- It is quite important that you take due care while installing any third party applications for they are major source of such infections. Such malware programs come bundled with the free applications thereby requiring the user to remain cautious.
4. Regular periodical backup- In order to keep your data and files safe, it is recommended to take regular back up of all your data and files either on an external drive or cloud.
5. Use Anti-Virus Protection- We strongly recommend the use of antivirus protection/internet security in your PC like Sophos andBullGuard Internet Security so that it remains safe.
6. Enable the Ad Blocker/Popup Blocker in your browser- Enabling the popup blocker/ ad blocker in your chosen browser will help you to stay protected from annoying adware.

Hits: 105