FakeApp virus steals Facebook credentials directly from Android phones

by Linas Kiguolis - -

FakeApp Android Malware logs into Facebook accounts to harvest credentials

FakeApp steals Facebook credentials

The new strain of malware called FakeApp is designed to trick people into providing their login details via phishing and then log into the accounts to steal more personal information[1]. It is worth to mention that this threat is able to use the in-built Facebook search tool to get the targeted details.

According to the malware researchers from Symantec, Martin Zhang and Shaun Aimoto, this malware is detected as Android.Fakeapp and aims to infiltrate devices of English-speaking users[2]. It was caught spreading hidden inside malicious applications which are offered on third-party app stores.

Analysts say that most of Android malware victims are located in Asia-Pacific region which suggests that the majority of third-party store's customers are from Asia[3]. Despite that, FakeApp virus is primarily designed to target English-speaking people.

FakeApp Android virus: Phishes Facebook logins via fake screen and hacks into the accounts

This strain of Android malware is highly sophisticated — once installed, it immediately hides itself leaving the only service running in the background which continuously displays fake Facebook login screen to steal user's credentials. It is programmed to show it periodically until the user submits the login details.

On the contrary to previous Android virus[4] versions, this FakeApp trojan not only transmits the stolen credentials to the attackers but also uses them directly on the device to continue harvesting even more sensitive information from Facebook accounts. 

Symantec researchers point out that it is almost impossible to notice Android malware since it does the following:

Using JavaScript from a hidden WebView, the threat silently logs into the compromised Facebook account. The malware hides the WebView by setting the display to be almost completely transparent.

Furthermore, FakeApp is not programmed to do intrusive activities like other malware versions, including posting spam and liking suspicious content on Facebook pages. Instead, it stealthily browses through the app to collect details, such as[5]:

  • Work and education;
  • Location, contacts, and basic info;
  • Nicknames, relationships, family, and bio;
  • Check-ins and events;
  • Friends, groups, likes, pages, and posts.

Android malware distinguishes by the never-seen-before behavior

Symantec researchers are surprised how sophisticated this FakeApp malware is. There is no Android virus which would perform such activity: 

Additionally, to harvest information that is shown using dynamic web techniques, the crawler will scroll the page and pull content via Ajax calls.

Since FakeApp is not designed to perform any money-making operations, researchers believe that its initial purpose is to gain information about specific people of high interest.

Prevent websites, ISP, and other parties from tracking you

Private Internet Access is a VPN that can prevent your Internet Service Provider, the government, and third-parties from tracking your online and allow you to stay completely anonymous. The software provides dedicated servers for torrenting and streaming, ensuring optimal performance and not slowing you down. You can also bypass geo-restrictions and view such services as Netflix, BBC, Disney+, and other popular streaming services without limitations, regardless of where you are.

A VPN is also crucial when it comes to user privacy. Online trackers such as cookies can not only be used by social media platforms and other websites but also your Internet Service Provider and the government. Even if you apply the most secure settings via your web browser, you can still be tracked via apps that you are connected to the internet. Besides, privacy-focused browsers like Tor is are not an optimal choice due to diminished connection speed.

Therefore, to stay completely anonymous and prevent the ISP and the government from spying on you, you should employ Private Internet Access VPN. It will allow you to connect to the internet while being completely anonymous, prevent trackers, ads, as well as malicious content. Most importantly, you will prevent the illegal surveillance activities that NSA and other governmental institutions are performing behind your back.


Recover your lost files quickly

Unforeseen circumstances can happen at any time while using the computer: it can turn off due to a power cut, a Blue Screen of Death (BSoD) can occur, or random Windows updates can decide to reboot the machine when you went away for a few minutes. As a result, your schoolwork, important documents, and other data might be lost.

Additionally, you might also be attacked by malware that can corrupt your Windows or encrypt files with a robust encryption algorithm, and ask for a ransom in Bitcoin for the decryption tool. Cybercriminals might not deliver what they promised, however, so it is better to attempt alternative file recovery methods that could help you to retrieve at least some portion of the lost data.

Data recovery software is one of the options that could help you recover your files. Once you delete a file, it does not vanish into thin air – it remains on your system as long as no new data is written on top of it. Data Recovery Pro is recovery software that searchers for working copies of deleted files within your hard drive. By using the tool, you can prevent loss of valuable documents, school work, personal pictures, and other crucial files.

About the author
Linas Kiguolis
Linas Kiguolis - IT professional

Linas Kiguolis is a qualified IT expert that loves sharing his excellent knowledge about problems in Windows and Mac operating systems. Linas’ insights often help other team members find quick solutions for visitors of UGetFix site.

Contact Linas Kiguolis
About the company Esolutions


Your opinion regarding FakeApp virus steals Facebook credentials directly from Android phones