Saturday, June 22, 2024

Hackers Steals Facebook Account Details Using Android Malware

New Android malware discovered that steals Facebook credentials, account details such as username and Passwords and other information directly from users devices.

This Malware mainly targeting the Asian Pacific-based English speaking users and it spreading via the third-party market.

This new credential stealer contains a lot of aggressive function and malware author using new sophisticated functionality to compromise the victim’s device and steal the credentials.

Also Read: A Facebook Vulnerability that Allows to Reveals the Facebook Page Admin Identity

How does this Malware steal Facebook Details

Once this Malware infects the victims initially it hide from the home screen and silently running in the background.

It will check the infected devices Facebook account by submitting the infected mobiles IMEI number to the attacker via command and control server.

If the malware did not collect any details regards the infected device Facebook account, it will very the apps list whether or not Facebook app installed.

Once it did not find the app then the malware launch the fake Facebook interface to compromise the victims and steal the victim’s original username and password.

This malware keeps display this interface until it successfully collects the Facebook credentials by using the JavaScript from a hidden WebView, the threat silently logs into the compromised Facebook account.

In this case, it also checks whether CAPTCHA is presented or not. if yes then it sends the event to the C&C server, clears caches and cookies, and retries later.

According to Symantec, Once the malware is logged into the Facebook page, it can leverage a wide range of capabilities to follow links and scrape the personal data of the victim and their friends, sending it back to the C&C server. This includes:
General top-level data: Facebook account, user, password, device IMEI
Profile: Work, education, location, contacts, basic info, nicknames, relationships, family, bio
Activities: Check in, events, friends, groups, likes, pages, posts

This malware using the functionality that crawls the Facebook page has a surprising level of sophistication. and the crawler has an ability to crawl the search and collect the Facebook search.


Latest articles

PrestaShop Website Under Injection Attack Via Facebook Module

A critical vulnerability has been discovered in the "Facebook" module (pkfacebook) from for...

Beware Of Illegal OTT Platforms That Exposes Sensitive Personal Information

A recent rise in data breaches from illegal Chinese OTT platforms exposes that user...

Beware Of Zergeca Botnet with Advanced Scanning & Persistence Features

A new botnet named Zergeca has emerged, showcasing advanced capabilities that set it apart...

Mailcow Mail Server Vulnerability Let Attackers Execute Remote Code

Two critical vulnerabilities (CVE-2024-31204 and CVE-2024-30270) affecting Mailcow versions before 2024-04 allow attackers to...

Hackers Attacking Vaults, Buckets, And Secrets To Steal Data

Hackers target vaults, buckets, and secrets to access some of the most classified and...

Hackers Weaponizing Windows Shortcut Files for Phishing

LNK files, a shortcut file type in Windows OS, provide easy access to programs,...

New Highly Evasive SquidLoader Attacking Employees Mimic As Word Document

Researchers discovered a new malware loader named SquidLoader targeting Chinese organizations, which arrives as...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

API Vulnerability Scanning

71% of the internet traffic comes from APIs so APIs have become soft targets for hackers.Securing APIs is a simple workflow provided you find API specific vulnerabilities and protect them.In the upcoming webinar, join Vivek Gopalan, VP of Products at Indusface as he takes you through the fundamentals of API vulnerability scanning..
Key takeaways include:

  • Scan API endpoints for OWASP API Top 10 vulnerabilities
  • Perform API penetration testing for business logic vulnerabilities
  • Prioritize the most critical vulnerabilities with AcuRisQ
  • Workflow automation for this entire process

Related Articles