If you noticed that your Facebook has been compromised, and you don’t know how, then you android device might be infected with a malware.
Over 300,000 android devices has been infected by a malware known as “Schoolyard Bully”, the Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has issued an advisory reminding users of android devices to only download applications from official sites and application stores.
The malware is known for stealing of Facebook account credentials. Researchers from mobile security firm, Zimperium, found several apps that transmit the “Schoolyard Bully” malware, while disguising themselves as reading and educational apps with a variety of books and topics for their victims to study.
The malicious apps were available on Google Play, yet they have already been taken down. However, they still spread via third-party Android app shops.
The primary objective of the malware, which affects all versions of Facebook Apps for Android, is to steal Facebook account information, including the email address and password, account ID, username, device name, device RAM (Random Access Memory), and device API (Application Programming Interface).
How it Steals Your Facebook Login
According to NCC-CSIRT, “The (Zimperium) research stated that the malware employs JavaScript injection to steal the Facebook login information.
The malware loads a legitimate URL (web address) inside a WebView (a WebView maps website elements that enables user interaction through Android View objects and their extensions) with malicious JavaScript injected to obtain the user’s contact information (phone number, email address, and password), then send it to the command-and-control server.
Advice
It is advisable you double-check each application and uncheck boxes that request extra third-party downloads when installing apps downloaded from the Google Play Store, and use anti-malware applications to routinely scan their devices for malware.