New Android Malware Schoolyard Bully Trojan alarms


Zimperium zLabs’ shocking revelation shows that the malware has been active since 2018 and has infected 300,000 devices to hack Facebook accounts.

The new Android malware Schoolyard Bully Trojan has been sending shock waves across the world lately. In a shocking revelation, Zimperium zLabs has discovered that this latest piece of Android malware has been active since 2018 and has already infected 300,000 devices. For more than four years, it has been targeting Facebook accounts, stealing thousands of credentials in the process.

This is alarming, to say the least. Despite stiff competition from other social media platforms, Facebook remains the undisputed leader in the virtual community domain. Therefore, this raises alarm bells and calls for action. It is further learned that after gaining access to a user’s account, it becomes easier for the attackers to get at other personal information, including extremely confidential security information such as bank details.

Therefore, the new Android malware Schoolyard Bully Trojan has far greater implications than just stealing Facebook accounts. Let’s delve deeper into this and try to get a fair understanding of its larger implications.


New Android Malware Schoolyard Bully Trojan: Exposing Vulnerabilities

Zimperium zLabs’ findings show that the new Android malware Schoolyard Bully Trojan is one of the deadliest of all Android malware currently in circulation. Hyperactive since 2018, it continues to run rampant across the globe, infecting as many as 300,000 devices spanning 71 countries.

It has been revealed that the worst affected country happens to be Vietnam, for reasons unknown. The trojan is spread through several apps and has been named ‘Schoolyard Bully’ by Zimperium. Although many of these apps have already been removed from the Google Play Store, Zimperium warned that they continue to circulate through third-party Android app stores and that the Trojan is on the rise. The modus operandi of this new Android malware is to steal Facebook account credentials (email and password), account ID, username, device name, device RAM and device API.


The Schoolyard Bully Trojan uses JavaScript injection to steal Facebook credentials. By opening the legitimate URL in a WebView and injecting malicious JavaScript into it, this new Android malware extracts the user’s phone number, email address and password, and then sends them to the configured Firebase C&C.

Users therefore easily fall victim to the Schoolyard Bully Trojan and their confidential information gets stolen. There is no room to take this new Android malware lightly.
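A defender triaging decompiled app source can look for the combination described above: a Facebook URL loaded in a WebView, script pushed into the page, and a Firebase backend. The Python heuristic below is an added example, not Zimperium's detection logic or code from this article; the indicator set, the `triage` function and both source snippets are constructed for illustration.

```python
import re

# Heuristic indicators for decompiled Java source. These are assumptions made
# for this example, not rules published by Zimperium.
INDICATORS = {
    "js_enabled": re.compile(r'setJavaScriptEnabled\(\s*true\s*\)'),
    "script_injection": re.compile(r'evaluateJavascript\(|loadUrl\(\s*"javascript:'),
    "js_bridge": re.compile(r'addJavascriptInterface\('),
    "facebook_url": re.compile(r'loadUrl\(\s*"https?://(?:[\w-]+\.)*facebook\.com[/"]'),
    "firebase_backend": re.compile(r'FirebaseDatabase\.getInstance\(|firebaseio\.com'),
}

# Constructed sample inputs (not taken from any real app).
SUSPECT = """\
WebView wv = findViewById(R.id.web);
wv.getSettings().setJavaScriptEnabled(true);
wv.addJavascriptInterface(new Bridge(), "bridge");
wv.loadUrl("https://m.facebook.com/login");
wv.evaluateJavascript(script, null);
FirebaseDatabase.getInstance().getReference("logs").push().setValue(data);
"""
BENIGN = """\
WebView wv = findViewById(R.id.help);
wv.getSettings().setJavaScriptEnabled(true);
wv.loadUrl("https://example.com/help");
"""

def triage(source: str) -> dict:
    """Return matched indicators (with line numbers) and an overall verdict."""
    hits = {name: [] for name in INDICATORS}
    for lineno, line in enumerate(source.splitlines(), 1):
        for name, pattern in INDICATORS.items():
            if pattern.search(line):
                hits[name].append(lineno)
    found = {name for name, lines in hits.items() if lines}
    # Flag only the full pattern: JavaScript enabled, script or a bridge pushed
    # into the page, a Facebook URL in the WebView, and a Firebase backend.
    injects = "js_enabled" in found and bool(found & {"script_injection", "js_bridge"})
    suspicious = injects and {"facebook_url", "firebase_backend"} <= found
    return {"suspicious": suspicious, "hits": {n: l for n, l in hits.items() if l}}

if __name__ == "__main__":
    for label, src in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(label, triage(src))
```

A hit is a reason to review the file by hand, not a verdict: legitimate apps also embed WebViews and use Firebase.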

Caution in the air

A couple of months ago, global cyber security giant Kaspersky Lab presented an alarming report showing that more than 90% of worldwide businesses are not ready to deal with the new wave of cyber attacks. But the global organizations paid little attention to that report and did not strengthen their cyber security systems.

Almost immediately afterwards came the new malware strain Maggie, which attacked Microsoft SQL servers and dealt a massive blow to many global businesses. Even after that, no proper action was taken.

Then, just last month, the great Deribit hack rocked the crypto world, and the deep rifts it caused hurt the global financial market in general. The hot wallet hack wiped out a staggering $28 million and forced the world’s leading crypto exchange to pause withdrawals for a while.

In November itself, Azov ransomware overtook many reputable cybersecurity systems and, very surprisingly (probably for the first time in history), framed many reputable cybersecurity researchers for its own misdeeds. It was an absolute mockery of the whole thing.

Still, there’s no stopping Android malware. We are witnessing a number of new Android malware strains, which are striking gold with phishing as well as adware. People download them in the form of apps and unknowingly invite trouble.


An app called TubeBox, which promises cash rewards for watching videos and ads on the app, is leading the charge with one million downloads. It is followed by other Android malware like Bluetooth device auto connect (1,000,000 downloads), Bluetooth & Wi-Fi & USB driver (100,000 downloads), Volume, Music Equalizer (bt autoconnect group) (50,000 downloads) and Fast Cleaner & Cooling Master (500 downloads).

It is high time we learn and take proper measures to keep such cyber security threats at bay.
