Android Malware named “Fakeapp” snitches Facebook Credentials

Android Malware Named “Fakeapp” Snitches Facebook
Credentials
Fakeapp Android Malware not just steals the Facebook credentials of the user but even search
and collects the results, utilizing the search functionality of the Facebook Application.
Facebook is everyone’s favourite and indeed one of the prime targets for the attackers too!
Hackers and cybercriminals have on multiple occasions, targeted Facebook, pertaining to its
large user base.
The latest attack or campaign involves an android malware named “Fakeapp” which is phishing
for the Facebook login credentials of the users. The malware has recently been discovered by the
Symantec researchers. As per the researchers at Symantec, this application is being spread via
malicious apps, which are targeting the English-speaking users on the third-party app stores. The
majority of the victims are located in the regions of Asia-Pacific and this malware, while
adopting an aggressive approach harvests the login credentials and other account details, directly
from the device used by the user.
So, how does Fakeapp malware functions and hacks into your account?
The malicious android malware dubbed as “Android.Fakeapp” hides itself and does not appear
on the home screen of the device being used. It initiates a service that continuously runs in the
background, displaying a fake Facebook login screen in order to steal your Facebook credentials.
What is unusually different about this Android Malware and distinguishes it from many of the
information-stealing Trojans for Android is that it not just harvests your login credentials and
sends it to the attackers’ server but it also steals other information by logging in the
compromised account from the victim’s device itself.
Following are the steps by which the Fakeapp Android Malware steals the details of the users
from their Facebook Account:




First, it will check for its aimed Facebook Account by submitting the IEMI (International
Mobile Equipment Identity) number of the device, it is targeting to the Command and
Control (C&C) server.
If none of the accounts can be collected from the device, it verifies the installation of the
app on the targeted device.
Then, a spoofed Facebook login user interface (UI) is launched by the application in
order to steal the user credentials.
The Login UI is often displayed until the credentials of the targeted user have been
successfully collected.
What Symantec has to say about Fakeapp?
Martin Zhang and Shaun Aimoto, who have been involved in analyzing Fakeapp say:
“The functionality that crawls the Facebook page has a surprising level of sophistication. The
crawler has the ability to use the search functionality on Facebook and collect the results.
Additionally, to harvest information that is shown using dynamic web techniques, the crawler
will scroll the page and pull content via Ajax calls.”
As per the researchers, the application does not seem to be involved in any of the money making
operations but the purpose may seem to be more inclined towards building a data base of the
people who would be of higher interest specifically for the attacker behind this campaign.
How can you stay protected?
Using best malware protection or any of the free malware removal tools can help you stay
protected from any such malware that can steal your sensitive information and personal details.
Apart from this, there are certain precautionary measures to adopt in order to prevent your
computer system from getting infected.
Tips to prevent your computer system from getting infected –
1. Keeping the Operating System Updated- In order to remain protected and avoid such
infections, it is recommended to keep your Operating System updated by enabling the
automatic update on your system. The systems with outdated or older versions of
Operating System become an easy target for the attackers.
2. Resist clicking on spam emails – One of the major techniques used for malware
distribution is forwarding spam emails to the user. The system gets infected as soon as
the user clicks on the attachment. These mails appear to be genuine, so be aware and
resist falling for these tricks.
3. Keep an eye on third party installations- It is quite important that you take due care
while installing any third party applications for they are major source of such infections.
Such malware programs come bundled with the free applications thereby requiring the
user to remain cautious.
4. Regular periodical backup- In order to keep your data and files safe, it is recommended
to take regular back up of all your data and files either on an external drive or cloud.
5. Use Anti-Virus Protection- We strongly recommend the use of antivirus
protection/internet security in your PC like Sophos andBullGuard Internet Security so
that it remains safe.
6. Enable the Ad Blocker/Popup Blocker in your browser- Enabling the popup blocker/
ad blocker in your chosen browser will help you to stay protected from annoying adware.