Android malware infected 300,000 devices to steal Facebook accounts


Level 76
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
An Android malware campaign masquerading as reading and education apps has been underway since 2018, attempting to steal Facebook account credentials from infected devices.

According to a new report by Zimperium, the campaign has infected at least 300,000 devices across 71 countries, primarily focusing on Vietnam.

Some apps used for spreading the trojan, which Zimperium named 'Schoolyard Bully,' were previously on Google Play but have since been removed.

However, Zimperium warns that the apps continue to be spread through third-party Android app stores.
Zimperium says that they have detected this malware on 300,000 victims in 71 countries based on their telemetry data.

Also, since the 37 apps associated with this campaign are distributed via third-party app stores, the number of victims is likely higher as there is no reliable way to measure victim counts on these platforms.

Zimperium also warns that there are likely more apps in addition to those its researchers discovered behind this campaign.

The threat actors behind the Schoolyard Bully trojan are unknown, but the analysts were able to determine that the malware isn't associated with the FlyTrap operation, which also attempted to steal Facebook accounts and focused on Vietnam.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.