SpinSafe
  • Cloud Backup Solutions
  • Torrents
    • Are Torrent Websites Safe?
    • How to Torrent
    • Popular Torrent Website List
  • Best VPN
  • Security Alerts
    • National Cyber Alerts
    • NIST
  • How To
    • How can I protect against Ransomware?
    • Secure Your Wireless Network
    • Home Network Security
  • News
    • Active Threat Alerts
    • Computer Security News
    • Internet Security News
    • Mobile Security News
    • Tech Video News
  • Search
  • Menu Menu
  • Twitter
  • Rss

Schoolyard Bully Android Malware Wants Your Facebook Login, Not Your Lunch Money

December 3, 2022/in Computer Security


schoolyard bully android malware facebook login news
The cybersecurity firm Zimperium, has published a blog post detailing a recently discovered Android malware campaign that has been ongoing since 2018. This campaign spreads a set of malicious apps the researchers are calling the “Schoolyard Bully Trojan” on account of the fact that the malicious apps are disguised as educational apps offering a wide range of books for users to read. However, rather than trying to steal your lunch money with banking malware, the Schoolyard Bully Trojan is out to swipe users’ Facebook account credentials. However, as we’ll discuss, this effort may be a ploy to access victims’ financial accounts after all.

According to the researchers’ findings, this trojan primarily targets Vietnamese users. However, the over 300,000 victims of this malware are spread across at least seventy-one countries, so this malware campaign still poses a threat to users outside of Vietnam. Zimperium researchers identified numerous apps on the Google Play Store that contained the Schoolyard Bully payload. Google has since removed these apps from the Play Store, but they are still available on third-party app stores for unsuspecting users to download.

malicious education apps opening facebook login portal news
Schoolyard Bully Trojan apps include a Facebook login prompt (click to enlarge) (source: Zimperium)

These fraudulent educational apps include what is presented as a chat feature that integrates with Facebook. When users select the chat tab, the apps present users with the legitimate Facebook login page. However, rather than rendering this webpage with Android System WebView, the apps instead use a custom in-app web browser that injects malicious JavaScript into the webpage. This code extracts any login credentials entered into the page and sends them to a server controlled by the threat actors behind this malicious campaign.

In a dark twist, Meta was caught earlier this year using a custom in-app browser within the Facebook, Instagram, and Messenger apps to inject what appeared to be a tracking script into webpages viewed within these apps. We wrote at the time of this discovery that it raised broader privacy and security concerns, as malicious apps could potentially use this same technique to inject code that…

Source…

Share this entry
  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • Share on Pinterest
  • Share on Tumblr
  • Share on Reddit
https://spinsafe.com/wp-content/uploads/2022/12/schoolyard-bully-android-malware-facebook-login-news.jpg 398 708 SecureTech https://spinsafe.com/wp-content/uploads/2016/11/spinsafelogo-1.png SecureTech2022-12-03 01:30:062022-12-03 01:30:06Schoolyard Bully Android Malware Wants Your Facebook Login, Not Your Lunch Money

Archives

© 2023 SpinSafe
SpinSafe may be compensated by providing links to products, services, websites, and various other options.
  • Twitter
  • Rss
  • Privacy Policy
  • Terms of Service
Pediatric EMR Vendor Hack Affects 2.2 MillionCopper River Cyber Solutions Wins DCSA Contract to Provide Background Investigation...
Scroll to top