FlyTrap Malware Description
A threatening attack campaign targeting Android users and aiming to collect their Facebook credentials has been going on for months apparently. The operation deployed a previously unknown malware threat that has been named FlyTrap. According to a report released by the researchers at Zimperium's zLabs, the FlyTrap has been able to compromise Facebook accounts of more than 10, 000 users spread across approximately 144 countries. The threat actor behind the campaign appears to be operating from Vietnam.
The FlyTrap attack relied on numerous weaponized applications and employed social engineering tricks to lure its victims. The threatening applications were even available for download from the official Google Play store before being taken down. Now, they are spreading through third-party platforms and stores. So far, nine different applications delivering the FlyTrap malware have been detected - GG Voucher, Vote European Football, GG Coupon Ads, GG Voucher Ads, GG Voucher, Chatfuel, Net Coupon, a different Net Coupon and EURO 2021 Official. They pretend to offer lucrative rewards, such as Netflix or Google AdWords coupon codes, or try to engage users through popular events such as urging them to vote for their favorite team and players participating in the UEFA EURO 2020 that took place between June 11 and July 11, 2021. However, to access the supposed rewards, users were told to log in using their Facebook accounts.