Mobile security firm Zimperium zLabs said in a Thursday announcement that malware called Schoolyard Bully Trojan, which has been targeting the personal information of Facebook users since 2018, has spread to over 300,000 victims, mostly in Vietnam.
According to Zimperium, there are around 37 applications floating around Vietnam that contain Schoolyard Bully Trojan, including those with Vietnamese names targeting students by helping them with homework.
All these applications have been removed from the Play Store, but they are still available on third-party app stores, meaning there will be more victims. On a website that hosts apk files, these applications are uploaded by an account with a Vietnamese name, and some of those apps have had hundreds of thousands of downloads.
In a digital sleight-of-hand, these apps still provide the services they advertise, but some functions require Facebook logins to use. Researchers said while the login requirements are legitimate, the malware uses malicious JavaScript codes to steal users' info. Login information like phone numbers, emails addresses and passwords are targeted, as well as other personal info available via the devices they are stored on.
No info has been released on who may be responsible for the malware. However, experts said similar malwares might explain the fact that several Facebook accounts in Vietnam have been stolen and sold on hackers' data forums lately.