• Android : Schoolyard Bully Trojan Facebook Credential Stealer

    Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » Android : Schoolyard Bully Trojan Facebook Credential Stealer

    Author
    Topic
    #2502851

    https://www.zimperium.com/blog/schoolyard-bully-trojan-facebook-credential-stealer/

    Zimperium zLabs has discovered a new Android threat campaign, the Schoolyard Bully Trojan, which has been active since 2018. The campaign has spread to over 300,000 victims and is specifically targeting Facebook credentials. The Schoolyard Bully Trojans have been found in numerous applications that were downloaded from the Google Play Store and third-party app stores…

    The Schoolyard Bully Trojan can steal the following information from the Facebook account of their unsuspecting victims:

    Email / Phone Number
    Password
    ID
    Name

    The Schoolyard Bully Trojan is stealthy and disguises itself as educational applications, primarily targeting Vietnamese readers..

    This trojan uses Javascript injection to steal the Facebook credentials. The Trojan opens the legitimate URL inside a WebView with the malicious javascript injected to extract the user’s phone number, email address and password, then sends it to the configured Firebase C&C…

    Reply To: Android : Schoolyard Bully Trojan Facebook Credential Stealer

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: