“Fakeapp” Android Malware Steals Facebook Credentials

This new Android malware steals Facebook data directly from the device

Facebook is no stranger to spreading of scams and installation of malicious malware on its platform. Thanks to its large user base, the popular social media networking site has always been the favorite of cybercriminals and hackers.

In a newly identified scam detected by security company Symantec, a malicious app dubbed ‘Android.Fakeapp’, involves a new malware strain that is phishing for Facebook login credentials directly from the targeted devices. Once the Facebook user credentials are obtained, the malware logs into the account and collects account information and results using the Facebook mobile app’s search functionality.

According to the researchers, the Fakeapp malware is currently made available via malicious apps to English-speaking users on third-party app stores.

How does the Fakeapp malware work?

Once installed, the apps infected with the Fakeapp malware will immediately hide from the phone’s home screen, leaving only a service running in the background. The malware acts step-by-step (see below) since its installation to steal details from a Facebook user’s account:

  • It checks for a target Facebook account by submitting the International Mobile Equipment Identity (IMEI) to the command and control (C&C) server.
  • If no account can be collected, it verifies that the app is installed on the device.
  • It then launches a spoofed Facebook login user interface (UI) to steal user credentials.
  • It periodically displays this login UI until credentials are successfully collected.

Besides sending the collected Facebook login credentials to the attacker’s server, the Fakeapp malware also immediately uses the login details to login into the compromised Facebook account. Once the malware is logged into the Facebook page, it can collect wide variety of information on education, work, contacts, bio, family, relationships, events, groups, likes, posts, pages, and so on.

“The functionality that crawls the Facebook page has a surprising level of sophistication,” Martin Zhang and Shaun Aimoto, the two Symantec researchers who analyzed Fakeapp say.

“The crawler has the ability to use the search functionality on Facebook and collect the results. Additionally, to harvest information that is shown using dynamic web techniques, the crawler will scroll the page and pull content via Ajax calls,” Symantec explained.

In order to stay safe, Facebook users are recommended to regularly update the software and avoid installing applications from unknown sources. Only download apps that are from trusted sources.

Source: Symantec, Bleeping Computer

Kavita Iyer

An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human

Recent Posts

Google Chrome’s Dark Mode For macOS To Arrive In Early 2019

Chrome’s Dark Mode in macOS Mojave to come by early 2019 In early September this year, it was rumored that…

7 mins ago

Best 29 Tech Companies To Work For In The U.S. In 2019

Top 29 U.S. tech companies to work for in 2019, according to Glassdoor Glassdoor, the renowned career job site, has…

21 hours ago

10 Best Free Live Cricket Streaming Sites In HD

Cricket enthusiasts are all over the globe, and cricket streaming sites have made it easier to watch cricket anytime and anywhere.…

22 hours ago

12 Security Tech Terms Everyone Must Know

With tons of new technology coming out in the 21st century, it’s extremely important that you know what each of…

1 day ago

How to turn off Find My iPhone on your iPhone, iPad and Mac Device

"Find my iPhone" is a great service from Apple, which lets you find your lost iPhone, iPad, iPod, and Macbook. But…

2 days ago

Torrent Tracker ‘Leechers Paradise’ Calls It Quit After 12 Years

Leechers Paradise shuts down after 12 years of torrent tracking Leechers Paradise, one of the world's oldest and most vital…

2 days ago