Malicious Trojan Application Targets Facebook
A new Android trojan app has been targeting Facebook users in an attempt to gather sensitive information. The popular social media site has two-factor authentication protection which the malicious app has been attempting to breach.
The new trojan aims to gather banking information from the user by injecting a faulty JavaScript code in Facebook pages. The unaware Facebook user is instructed by the rogue code to download and install Android malware that steals authentication codes sent via SMS to the user’s phone. These corrupted codes are called webinjects, and are commonly used to trick users into downloading malicious applications to their cell phones to gain access to financial information. Most of the time, the applications look like an application from the user’s bank, and are designed to steal mobile transaction authorization numbers and one-time passwords sent by banks by SMS.
Security researchers from RSA, the security division of EMC, announced that the source code for another advanced Android trojan was released in February on an underground forum. The RSA warned that the application, called iBanking, has opened up new opportunities for cybercriminals to incorporate mobile threats in future operations.
The owners of the new, malicious Android app (referred to as Qadars) have adopted a method similar to the iBanking idea, but instead use the rogue coding to target Facebook users.
When Facebook users access their account on an infected computer, a message informs them that, “due to a rising number of attempts in order to gain unlawful access to the personal information of our users and to prevent corrupted page data to spread Facebook administration introduces new extra safety protection system,” Computer World reported.
The users are then instructed to download a mobile application for extra protection, and are asked to provide the OS of their cell phone and their phone number. They are then given the QR code to download. Once the download is complete, the trojan app can access log in information and one-time passwords sent to the user’s phone to gain access to a variety of accounts, including their financial information.
To avoid being affected by malicious activity, confirm all applications with your financial institution before downloading anything to your phone that could gain access to sensitive information.
Leave a Reply