This new tactic can steal your Facebook account

FlyTrap, the new tactic to steal Facebook accounts

The fact that Facebook is one of the social media Most commonly used, hackers are constantly looking for a way to steal accounts. For this they use different methods such as keyloggers, Phishing attacks, Trojans … In this case it is a malware campaign called FlyTrap.

What exactly does it consist of? The cybercriminal uses Android apps that apparently are not going to be a problem and are going to be attractive to the user. For example, it uses programs with certain baits for the victim to install them, such as to watch Netflix cheaper or for free, applications to evaluate the game of soccer players and obtain a reward, etc.

But of course, those programs that on paper should not pose a problem, in reality they are only a bait for the victim to install them and they will contain malware. To get to watch Netflix for free or to get any supposed prize that they promise, it is necessary to log in to Facebook. That’s when the problem starts.

FlyTrap is based on the JavaScript injection and in this way it is able to collect user data. If they put in their Facebook name and password, they automatically register them. It is capable of collecting information such as cookies, user account details, location and IP address by injecting malicious JS code. All of this goes to the FlyTrap command and control server.

Facebook password theft

Thousands of users affected

Security researchers who have spotted this issue have indicated that there have been more than 10,000 Facebook accounts kidnapped through this tactic. In addition, they report that it has affected 144 countries. This information has been obtained since the command and control server database was exposed to anyone.

They warn that Phishing pages is not the only method they can use to steal passwords. We have seen this case where they use mobile apps Through which they seek to steal the credentials and keys once the victim has logged in.

There are different methods to steal keys on the Internet and we must always be protected. The main thing will be to create passwords that are strong and complex, but sometimes that is not enough. We are going to need to have security programs, such as a good antivirus, but especially keep common sense in mind. If we avoid errors, if we do not install applications that are suspicious, much less log in from unofficial sites, we will have a lot to win. We will not only prevent our Facebook password from being stolen, but any other online account.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *