Malware steals Facebook account details from 300,000 devices

New malware is on the prowl and is seen spreading malicious software in disguise of applications meant for teaching, reading, and other education-related activities. In particular, the apps targeted users from Vietnam and infected about 300,000 devices in over 71 countries just to steal Facebook(FB) credentials.

ZIMPERIUM is the firm that conducted the study and discovered the infection in the wild in 2018. The company named the malevolent software “Schoolyard Bully” and Google removed it from its play-store in early 2019.

Surprisingly and as expected, the malware is circulating on Android devices and spreading through 3rd party app stores available on the web.

As of now, Schoolyard Bully is caught infecting Vietnam’s smart device populace, and the reason is unknown. But is discovered stealing FB credentials such as email and passwords, device names, device RAM, Device API, usernames, and account IDs from connected devices operating in over 71 countries.

In other news related to the malware and stealing info from android OS loaded devices, some hackers are found using platform certificates often used by OEM vendors to digitally sign core systems apps.

And if threat actors gain permission for such access, then their developed applications can gain system-level access, allowing them to install or delete packages, manage ongoing calls and messaging, gather data about the device and send it to remote servers.

Lukasz Siekierski, a Reverse Engineer at Google, confirmed the news and added that cyber crooks were seen compromising Samsung, LG, and MediaTek certificates that allow signing Android malware.

Google took measures to keep the OEMs informed about the certification abuse and is urging them to rotate their platform certificates, check for any leaks, and keep a tab of apps that have legible access to their core system platforms.

 

The post Malware steals Facebook account details from 300,000 devices appeared first on Cybersecurity Insiders.

LATEST ARTICLE

See Our Latest

Blog Posts

admin October 2nd, 2024

Privacy is no longer a growing requirement for doing business — it’s the new status quo. The stakes for not […]

admin October 2nd, 2024

There’s no question which technology everyone’s talking about in retail. Generative AI continues to promote incredible levels of interest with […]

admin October 1st, 2024

Credit: Hadlee Simons / Android Authority The Personal Safety app on Android will soon get a new option to add […]