Casa > cibernético Notícias > Fakeapp Android Malware Harvests Facebook Credentials
CYBER NEWS

Malware Fakeapp Android colhe credenciais do Facebook

Por causa de sua grande base de usuários, O Facebook costuma ser o alvo de cibercriminosos que usam a plataforma para espalhar golpes e distribuir malware. A última campanha desse tipo, apelidado de Fakeapp, involves a new Android malware strain that is phishing for Facebook login credentials.

Once these credentials are obtained, the malware can collect account information as well as results from the Facebook mobile app’s search functionality.

The Fakeapp malware was recently detected by Symantec pesquisadores who said that the app is being spread via malicious apps targeting English-speaking users on third-party app stores.

Story relacionado: Vírus Facebook detectado em curso Ataque Worldwide

How Does Fakeapp Android Malware Function?

Android applications infected with the malware become concealed from the device’s home screen. Enquanto isso, a service is started in the background of the Android system which initiates a spoofed Facebook login user interface.

This is done so that the victim’s login credentials for the social platform are harvested. Fakeapp is persistent in this behavior as the spoofed login is displayed periodically to users until they type in their credentials for Facebook.

Em poucas palavras, the malware’s activities are as it follows:

  • The malware checks for a target Facebook account by submitting the International Mobile Equipment Identity (IMEI) ao comando e controle (C&C) servidor.
  • If no account can be collected, the malware verifies that the app is installed on the device.
  • The malware then launches a spoofed Facebook login user interface (UI) to steal user credentials.
  • The malware periodically displays this login UI until credentials are successfully collected.

Besides harvesting the login credentials and sending them to the hackers’ server, the Fakeapp malware is immediately using the login details on the compromised device. This behavior is not typical for the average Android Trojan seen so far.

De acordo com a Symantec, the malware shows a certain level of sophistication, especially in the functionality that crawls the Facebook page.

Story relacionado: Facebook Vírus Mensagem Sua imagem de perfil com um link

The crawler has the ability to use the search functionality on Facebook and collect the results. Além disso, to harvest information that is shown using dynamic web techniques, the crawler will scroll the page and pull content via Ajax calls,“ Symantec explained.

Como já mencionado, the behavior of Fakeapp is unique for Android malware, especially because no malicious activities are performed to directly monetize the malware. This fact perhaps means that the malware is a form of spyware that is currently establishing a database of compromised accounts to be used in further malicious operations.

Milena Dimitrova

Um escritor inspirado e gerente de conteúdo que está com SensorsTechForum desde o início do projeto. Um profissional com 10+ anos de experiência na criação de conteúdo envolvente. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...