Club Benefits
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Daily (Mon-Sun)
Tom's Guide Daily
Sign up to get the latest updates on all of your favorite content! From cutting-edge tech news and the hottest streaming buzz to unbeatable deals on the best products and in-depth reviews, we’ve got you covered.
Weekly on Thursday
Tom's AI Guide
Be AI savvy with your weekly newsletter summing up all the biggest AI news you need to know. Plus, analysis from our AI editor and tips on how to use the latest AI tools!
Weekly on Friday
Tom's iGuide
Unlock the vast world of Apple news straight to your inbox. With coverage on everything from exciting product launches to essential software updates, this is your go-to source for the latest updates on all the best Apple content.
Weekly on Monday
Tom's Streaming Guide
Our weekly newsletter is expertly crafted to immerse you in the world of streaming. Stay updated on the latest releases and our top recommendations across your favorite streaming platforms.
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
Over 300,000 Android users have fallen victim to a newly discovered campaign that uses malicious apps to infect their devices with a trojan capable of hacking Facebook accounts.
According to a new report from Zimperium, the Schoolyard Bully Trojan has been active since 2018, though more recently cybercriminals are using seemingly innocent educational apps on the Google Play Store and third-party app stores to distribute it.
Using malicious apps to target victims
In this latest campaign educational apps are being used to distribute the Schoolyard Bully Trojan, primarily to those in Vietnam, but users from 70 other countries have also been targeted.
These malicious apps – which have since been removed from the Play Store – contain a chat option, though users need to log into their Facebook account before they can use it.
When a user tries to log in, Schoolyard Bully uses JavaScript injection to steal their Facebook credentials, which are then sent to a command and control (C&C) server operated by the attackers. The trojan is also able to evade antivirus software by using native libraries to store the C&C data.
According to Zimperium, Android users in countries around the world including the U.S., Canada, Australia, Brazil, the UK, India and others have been targeted by Schoolyard Bully. However, the actual number of countries could be higher since these malicious apps can still be found in third-party app stores.
How to stay safe from Android trojans and malware
In order to avoid having your Facebook and other credentials stolen by hackers, the first thing you should do is avoid installing apps from unofficial app stores and unknown sources. Sideloading apps is one of the many perks of being an Android user, but it can also be dangerous if you’re not careful.
You also want to ensure that Google Play Protect is enabled on your Android smartphone, as this built-in app can scan any new app you download as well as the other apps you have installed for malware. For additional protection, you might also want to consider using one of the best Android antivirus apps alongside it.
Finally, you need to think carefully before installing any new app on your devices. Sure, Google scans them for malware and viruses before they are uploaded to the Play Store, but bad apps occasionally manage to slip through the cracks. This is why you should read external reviews and look into an app’s developer before tapping the install button.
The Schoolyard Bully Trojan has been active for over four years now, during which time it successfully stole credentials from over 300,000 users. As such, this trojan will likely continue to be used by cybercriminals to steal passwords and accounts from unsuspecting users.
