A new Android Trojan hit more than 10 000 victims in 144 countries, according to a report from cybersecurity firm Zimperium.
The Trojan – called FlyTrap by Zimperium researchers – has been able to spread through “hijacking of social media, third-party app stores and side-loaded applications” since March.
“FlyTrap is another example of threats targeted against our mobile devices,” says Anna Collard, senior vice-president: content strategy and evangelist at KnowBe4 Africa. “They are built to steal your information such as your social media usernames and passwords and can cause all sorts of havoc.
“Typically these malicious apps get onto your phone by tricking you to click on a link in a WhatsApp, SMS or social media message you may receive out of the blue or even from one of your friends whose accounts have already been compromised.”
She warns users to look out for red flags which could indicate your phone has been hacked or infected with mobile malware:
* if your battery runs out too quickly, if you have pop-ups coming up, or strange apps that you haven’t downloaded.
* If the performance goes down, or there are airtime or cellphone charges you can’t make sense of.
Collard says users can protect themselves and their phones by doing the following:
* Only download apps or update apps via the official app store.
* Don’t ever click on a WhatsApp or SMS link that try to trick you into updating an app, downloading an app or installing anything.
* Be aware of mobile phishing – links to sites that are trying to steal your personal information, such as username and passwords.
* Never root or jailbreak your device because that breaks the built-in security.
* Consider installing a reputable mobile anti-malware app.
* Keep your apps and software updated and remove any apps you no longer need or use. Less is more (protection).
* Be very selective about what you download. If you think that your device is infected the first thing you can do is try and remove the suspicious app. You could go back in time and restore the device as a new device from a previous backup or if it’s still persistent you may need to do a full reset. Especially for Android devices it is highly recommend to download a mobile security or antivirus app and that scans the device and removes the malicious app.