The new Android malware Schoolyard Bully Trojan has sent shockwaves across the world of late. In a shocking revelation, Zimperium zLabs has discovered that this latest addition to the Android malware family has been active since 2018 and has already infected 300,000 devices. For more than four years, it has been targeting Facebook accounts and has stolen thousands of credentials in the process.

This is indeed alarming, to say the least. Despite stiff competition from other social media platforms, Facebook arguably remains the leader in the virtual community domain. Hence, this raises alarm bells and calls for action. It has further been learned that after getting hold of a user’s account, it becomes easier for the attackers to reach other personal information, including extremely confidential information like bank details.

Therefore, the new Android malware Schoolyard Bully Trojan has far greater implications than merely stealing Facebook accounts. Let’s delve deeper into this and try to gain a fair understanding of its larger ramifications.


New Android Malware Schoolyard Bully Trojan: Exposing Vulnerabilities 

Zimperium zLabs’ findings show that the new Android malware Schoolyard Bully Trojan is one of the deadliest pieces of Android malware at present. Active since 2018, it continues to run riot all over the world, having infected a whopping 300,000 devices across 71 countries.

It has been revealed that the worst-affected country happens to be Vietnam, for reasons unknown. The trojan, which Zimperium has named ‘Schoolyard Bully’, is being spread through several apps. Though many of these apps have already been removed from the Google Play Store, Zimperium warned that they continue to circulate through third-party Android app stores and that the trojan is on the rise. The modus operandi of this new Android malware is to steal Facebook account credentials (email and password), account ID, username, device name, device RAM, and device API.

The Schoolyard Bully trojan uses JavaScript injection to steal the Facebook credentials. By opening the legitimate URL inside a WebView and injecting malicious JavaScript into it, this new Android malware extracts the user’s phone number, email address and password, then sends them to the configured Firebase C&C.
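For analysts triaging apps, the combination described above (a real Facebook URL in a WebView, script injection, and a Firebase sink) can be searched for in decompiled source. The following is an added example, not code from Zimperium or from the original article; the indicator patterns, the `js_bridge` alternative sink, the grading thresholds and both sample snippets are assumptions constructed for illustration.

```python
import re

# Indicator regexes over decompiled Java source. These are illustrative
# assumptions for this example, not signatures published by Zimperium.
INDICATORS = {
    "facebook_url": re.compile(r"https?://(?:[\w-]+\.)?facebook\.com/", re.I),
    "js_enabled": re.compile(r"setJavaScriptEnabled\(\s*true\s*\)"),
    "js_injection": re.compile(r'evaluateJavascript\s*\(|loadUrl\(\s*"javascript:'),
    "js_bridge": re.compile(r"addJavascriptInterface\s*\("),
    "firebase": re.compile(r"firebaseio\.com|FirebaseDatabase\.getInstance"),
}

def scan(source: str) -> set:
    """Return the names of all indicators present in one source file."""
    return {name for name, rx in INDICATORS.items() if rx.search(source)}

def verdict(hits: set) -> str:
    """Grade a file: the combination matters, not any single indicator."""
    core = {"facebook_url", "js_enabled", "js_injection"}
    if not core <= hits:
        return "low"      # e.g. a plain in-app browser that opens Facebook
    if hits & {"js_bridge", "firebase"}:
        return "high"     # injected script plus a path for data to leave
    return "review"       # injection into a login page, no visible sink

# Constructed sample: the flow described in the article, script body elided.
SUSPECT = '''
WebView w = findViewById(R.id.web);
w.getSettings().setJavaScriptEnabled(true);
w.loadUrl("https://m.facebook.com/login/");
w.evaluateJavascript(INJECTED_SCRIPT, null);
FirebaseDatabase.getInstance().getReference("logs").push().setValue(data);
'''

# Constructed sample: an app that only displays the page.
BENIGN = '''
WebView w = findViewById(R.id.web);
w.getSettings().setJavaScriptEnabled(true);
w.loadUrl("https://m.facebook.com/login/");
'''

if __name__ == "__main__":
    for name, src in (("suspect", SUSPECT), ("benign", BENIGN)):
        print(name, verdict(scan(src)), sorted(scan(src)))
```

A "high" or "review" result is a prompt for manual analysis of the injected script, not proof of malice, since legitimate apps also use these WebView calls.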

As a result, users are easily falling prey to the Schoolyard Bully trojan and their confidential information is being stolen. Hence, there’s no room to take this new Android malware lightly.

Caution in the Air 

A couple of months back, global cybersecurity giant Kaspersky Lab presented an alarming report which showed that more than 90% of businesses worldwide are not ready to deal with the new wave of cyber-attacks. But global organizations paid little heed to that report and didn’t reinforce their cybersecurity systems.

Almost immediately afterwards, we encountered the new malware strain Maggie, which attacked Microsoft SQL servers and dealt a massive blow to many global businesses. Even after that, proper measures were not taken.

Then, only last month, the huge Deribit hack shook the crypto world and the deep gashes made blood spill from the global financial market in general. The hot wallet hack wiped out a staggering $28M and forced the world’s leading crypto exchange to pause withdrawals for quite some time. 

In November itself, Azov ransomware got the better of many well-reputed cybersecurity systems and, very surprisingly (probably for the first time in history), framed many renowned cybersecurity researchers for its own misdeeds. It made an absolute mockery of the whole thing.

Still, there’s no stopping Android malware. We are witnessing a host of new Android malware strains, which are striking gold with phishing and adware. People are downloading them in the form of apps and unknowingly inviting trouble.

An app named TubeBox, which promises monetary rewards for watching videos and ads on the app, is leading the charge with one million downloads. It is followed by other Android malware apps such as Bluetooth device auto connect (1,000,000 downloads), Bluetooth & Wi-Fi & USB driver (100,000 downloads), Volume, Music Equalizer (bt autoconnect group, 50,000 downloads) and Fast Cleaner & Cooling Master (500 downloads).

It’s high time that we learn and take proper measures to keep such cybersecurity threats at bay. Meanwhile, you can use some of the best data cleaning tools to minimize the risk of data theft from your browsers. They will also help you speed up the performance of your system.