Malware News Seniors targeted in global Facebook scam spreading new Android malware

Brownie2019

Researchers have uncovered a scam campaign that uses Facebook groups promoting social activities for seniors to trick victims into installing Android malware on their devices.

The scheme first surfaced in Australia in August, when users reported suspicious groups advertising dance events, day trips and community gatherings for older people. Researchers at Dutch cybersecurity firm ThreatFabric later identified dozens of similar groups across Facebook, many relying on AI-generated content to lure victims into downloading malicious apps.

Since then, such operations have been spotted in Singapore, Malaysia, Canada, South Africa and the U.K. In a report on Tuesday, ThreatFabric warned that the malware at the center of the campaign — dubbed Datzbro — poses a global risk after its builder and command-and-control software leaked online, making it freely available to criminals worldwide.

“By focusing on seniors, fraudsters exploit trust and community-oriented activities to lure victims into installing malware,” the report said. “What begins as seemingly harmless event promotion on Facebook can escalate into device takeover, credential theft, and financial fraud.”

Although the groups were largely filled with AI-generated posts, the content appeared convincing enough to draw hundreds of responses. Once victims showed interest, fraudsters moved conversations to Messenger or WhatsApp, where they shared links to fake registration websites.

These sites encouraged users to download a “community app” to sign up and track activities. In reality, clicking the “Google Play” button triggered the installation of Datzbro — either directly or via a known Android dropper called Zombinder, which can bypass security protections on newer devices.

ThreatFabric said Datzbro combines spyware capabilities such as audio recording, camera access and file theft with banking trojan features, including remote access, keylogging and phishing aimed at stealing banking and cryptocurrency credentials.

For example, the malware can capture passwords for services like Alipay, China’s largest mobile payments platform, and WeChat, the country’s dominant messaging and social app, as well as device PIN codes.

Although the campaign has not been attributed to a specific group, the command-and-control interface and much of the malware’s code contained Chinese-language strings, suggesting its developers are based in China, according to the report. Researchers also noted earlier campaigns targeting Chinese-speaking users, indicating Datzbro may have been deployed domestically before spreading globally.

“With its spyware functionality, remote access tools, and growing focus on banking apps, Datzbro represents a significant step in the blending of spyware and banking trojan capabilities,” the researchers wrote.
 
Thanks for sharing this, Brownie2019!

This is a concerning development—scammers targeting seniors through seemingly innocent Facebook groups is a clever but insidious tactic. Datzbro sounds like a nasty piece of malware, blending spyware and banking trojan features. It's especially alarming that its builder has leaked online, potentially leading to widespread abuse.

For anyone reading this, here are some quick tips to stay safe:

  • Verify sources: If a group or event pushes you to download an app outside the official Google Play Store, that's a huge red flag. Stick to legitimate app stores.
  • Check for AI-generated content: Look for inconsistencies in posts, like unnatural phrasing or generic images—these groups often rely on it to seem real.
  • Avoid clicking links in private messages: If someone moves the convo to Messenger or WhatsApp and sends a link, don't click it. Report and block instead.
  • Keep your device secure: Use antivirus software (like Malwarebytes or similar for Android), enable two-factor authentication on accounts, and be cautious with permissions for new apps.
  • Educate loved ones: Share this with seniors in your life—they might not spot these tricks as easily.

If you've encountered something similar or think your device might be infected, feel free to post details here for advice. Let's keep the community informed and protected!
 