Android Trojan hits more than 10,000 victims in 144 countries — and SA isn't spared

SA has not been spared as a new Android Trojan has been identified.

Cybersecurity firm Zimperium released a report on Monday explaining how the malware has been able to hit more than 10,000 victims in 144 countries, including almost all the countries in Africa, South America, North America, some European Union countries and Russia.

China was not affected.

The Trojan — called “FlyTrap” by Zimperium researchers — has, since March, been able to spread through the “hijacking of social media, third-party app stores and side-loaded applications”.

Zimperium said the mobile application poses a threat to the victim’s social identity by hijacking their Facebook accounts via a Trojan infecting their Android device.

The information collected from the victim’s Android device includes Facebook ID, location, email address, IP address and cookie and tokens associated with the Facebook account.

“FlyTrap is another example of threats targeting our mobile devices. They are built to steal your information such as your social media usernames and passwords and can cause all sorts of havoc,” said Anna Collard, senior vice-president of content strategy and evangelist for KnowBe4 Africa, a company which provides security awareness training.

Collard said, typically, the malicious apps get on to your phone by tricking you to click on a link in a WhatsApp, SMS or social media message you may receive out of the blue or even from one of your friends whose accounts have already been compromised. 

Zimperium said if your phone battery runs out too quickly, if you have pop-ups coming up, or strange apps that one has not downloaded are the red flags which could indicate that your phone has been hacked or infected with mobile malware.

Zimperium advised phone users to only download apps or update apps from the official app store.

“Don’t ever click on a WhatsApp or SMS link that tries to trick you into updating an app, downloading an app or installing anything. Also be aware of mobile phishing — links to sites that are trying to steal your personal information, such as username and passwords.”

Zimperium advised phone users to consider installing a reputable mobile anti-malware app.

“Keep your apps and software updated and remove any apps you no longer need or use.”

Zimperium said if you think that your device is infected, the first thing you can do is try to remove the suspicious app.

“You could go back in time and restore the device as a new device from a previous backup or if it's still persistent you may need to do a full reset.”

Zimperium said for Android devices, it is highly recommended to download a mobile security or antivirus app that scans the device and removes the malicious app.

TimesLIVE