Friday 30 May, 2014
A new Trojan malware program has been identified that can infect mobiles through Facebook. Once infected, it can gain valuable data such as financial and personal information. The malware program was discovered by anti-virus vendor ESET.
How the Trojan Works
When clicked, it takes you to a fake Facebook authentication page, which says something like, “Due to a rising number of attempts in order to gain unlawful access to the personal information of our users and to prevent corrupted page data to spread Facebook administration introduces new extra safety protection system.” It then asks for your phone number.
Once installed, the malware intercepts SMS messages, phone calls and audio voice messages through the phone number it was given. It can also steal your address book. This interception offers a number of ways hackers can then obtain sensitive information such as bank authentication codes.
The malware program only affects Android users.
The Revenge of iBanking
This actually isn’t a new malware programs. Security experts have identified it as a variant of an old Trojan called iBanking, which masquerades as a security app but then injects HTML attacks on banking sites. This Trojan made its last appearance in early 2014, when it was found to be selling on underground forums for about $5,000. At the time, security firms warned that there would be more like it.
What’s different about the current Qadars is that it pretends to be Facebook rather than simply a banking or security app. Facebook is an ideal to spread malware because of its number of users. Plus, its users’ defenses are down. There hasn’t been a major malware to hit Facebook yet. While most users are vigilant about protecting their PCs from viruses, most people don’t consider the risks involved in using a mobile or the fact that Facebook can spread malware.
How to Avoid Infection
There are several things you can do to make sure you’re not infected. One is to question very closely anything you find on Facebook. While the hackers have managed to copy Facebook’s authentication screen quite well, there are still often mistakes. There could be a spelling mistake or Facebook could be written as “FaceBook.” You might find grammar mistakes or language that’s too casual for an official notification.
Research apps carefully before downloading and installing. Apps sold through official sources should be carefully vetted but aren’t always. You should never download and install apps from unofficial sources.
Finally, make sure you have a good antivirus program in place. There are many antivirus programs available for mobile devices on the market today.