News > Internet & Security Android Malware 'FlyTrap' Has Compromised Thousands It collects Facebook data, location information, email addresses, and more By Rob Rich Rob Rich Twitter News Reporter College for Creative Studies Rob is a freelance tech reporter with experience writing for a variety of outlets, including IGN, Unwinnable, 148Apps, Gamezebo, Pocket Gamer, Fanbolt, Zam, and more. lifewire's editorial guidelines Updated on August 10, 2021 03:52PM EDT Fact checked by Rich Scherr Fact checked by Rich Scherr Twitter University of Maryland Baltimore County Rich Scherr is a seasoned technology and financial journalist who spent nearly two decades as the editor of Potomac and Bay Area Tech Wire. lifewire's fact checking process Tweet Share Email Tweet Share Email Internet & Security Mobile Phones Internet & Security Computers & Tablets Smart Life Home Theater & Entertainment Software & Apps Social Media Streaming Gaming Cybersecurity firm Zimperium has discovered a new piece of malware, dubbed FlyTrap, that's compromised thousands of Android users via social media. According to Zimperium's report, FlyTrap has been distributed on the Google Play store in the guise of various apps promising Netflix coupons, European football voting, and more. If your Android device is infected and you log in to Facebook, FlyTrap will dig up your Facebook ID, location info, email address, and your IP address. Hijacked Facebook sessions also can be used to spread FlyTrap to other users by automatically sending links to download the malware. Zimperium Zimperium reports that it has verified over 10,000 FlyTrap victims across 144 countries (including the US and Canada). "Just like any user manipulation, the high-quality graphics and official-looking login screens are common tactics to have users take action that could reveal sensitive information," said Zimperium in its report. "In this case, while the user is logging into their official account, the FlyTrap Trojan is hijacking the session information for malicious intent." Zimperium A list of confirmed trojan Android apps can be found in Zimperium's report, though Google already has removed them from the app store. While there's no longer the immediate danger of downloading FlyTrap from Google Play, you can still check the list to see if any of the infected programs are already installed. Zimperium recommends using its on-device z9 Mobile Threat Defense engine to run a risk assessment. Other than that, we should all continue to be wary of any apps from unfamiliar developers that ask us to log-in to our social media accounts. Was this page helpful? Thanks for letting us know! Get the Latest Tech News Delivered Every Day Email Address Sign up There was an error. Please try again. You're in! Thanks for signing up. There was an error. Please try again. Thank you for signing up! Tell us why! Other Not enough details Hard to understand Submit