1. Welcome Guest! In order to create a new topic or reply to an existing one, you must register first. It is easy and free. Click here to sign up now!.
    Dismiss Notice

Fake Facebook Lite App Infected with Trojan to Steal Users' Info

Discussion in 'Mobile Phones & Devices' started by starbuck, Mar 7, 2017.

  1. starbuck

    starbuck Administrator - Malware Removal Specialist Administrator

    Joined:
    Sep 26, 2009
    Messages:
    3,825
    Location:
    Midlands, UK
    Operating System:
    Windows 10
    CPU:
    AMD Athlon II x2 250 Processor 3.00GHz
    Memory:
    8gb DDR3
    Hard Drive:
    500gb SATA
    Graphics Card:
    ASUS GeForce GTX 960 2gb
    Power Supply:
    650w PowerCool X-Viper
    The app was spotted on a third party app store

    c9bd4ea97115d9042200f66d7b26c4d6.jpg

    A version of Facebook Lite circulating on third-party app stores is infected with Spy FakePlay Trojan.
    Instead of coming from Facebook, the app was actually developed by some people in China
    .

    According to researchers from Malwarebytes Labs, this version of the popular mobile app Facebook Lite, which is a more compact version of the original app, using less data, was found infected with Android/Trojan.Spy.FakePlay.

    The app works just as it is supposed to, but there's that extra malicious activity working in the background that kind of hampers the mood.
    The fake app uses a malicious receiver (com.google.update.LaunchReceiver) and service (com.google.update.GetInst), trying to pass as a Google Update.

    The researchers note that the com.google.update.LaunchReceiver runs whenever the phone is booted, immediately running the receiver com.google.update.GetInst.
    The latter is the one containing the malicious code which was made to steal your personal information and to install additional malicious apps.
    For instance, it can grap your device ID, system version, Mac Address, network operator name, Sim serial number and more.

    Avoid non-Google app stores

    "The literal meaning of Trojan when it comes to computing is quote from Wikipedia any malicious computer program which is used to hack into a computer by misleading users of its true intent.
    This particular piece of mobile malware is a perfect example; it misleads by infecting a legit app with malicious code and then hides its presence under the name of well-known corporation
    ," Malwarebytes Labs writes.

    As mentioned, this Facebook Lite app comes from China based on some of the characters found in the code.
    Since China doesn't have access to the original Google Play store, users rely on third party app stores.
    Without Google's overwatch, these are often ridden with malicious apps such as this one.
    If you have access to the Google Play Store, install apps from there.


    Source:
    http://news.softpedia.com/news/fake...-with-trojan-to-steal-users-info-513645.shtml
     

Share This Page