Malwarebytes reports that a fake version of Facebook Lite is infected with a malware called Android/Trojan.Spy.FakePlay. The more compact and lighter version of the popular Facebook app, is designed for users with low internet access, and works on slow connection.
According to the report, though the infected version, which apparently isn’t from the Google Play Store works as advertised, it does possess the ability to infect your system with malware.
The malware-infected fake Facebook Lite uses a malicious receiver com.google.update.LaunchReceiver and service com.google.ipdate.GetInst to deceive users into downloading an update to your Android phone. The aim of using a receiver and service name, according to Malwarebytes, is to hide under what some users may be misled into thinking it’s a genuine update from Google. A cautious approach is needed when such a link appears on your phone, asking you to update your Facebook Lite.
Here is how Malwarebytes defined what Trojan is on their blog, and how it works its way into your device:
“The literal meaning of Trojan when it comes to computing is quote from Wikipedia any malicious computer program which is used to hack into a computer by misleading users of its true intent. This particular piece of mobile malware is a perfect example; it misleads by infecting a legit app with malicious code and then hides its presence under the name of well-known corporation. Once a user falls for this [installing the fake Facebook Lite] on his Android device, the malware will then be able to steal your device ID, system version, Mac Address, network operator name, Sim serial number and more.”
To avoid a scenario where your system gets infected with malware that eventually steals your personal information, it is important to look carefully before installing not just Facebook Lite, but other apps. This should be a general rule for any installation in order to stay safe and avoid issues with your Android device.
Another way to keep your device safe is to avoid downloading or installing apps from outside the Google Play Store. In any case, your Android phone always alerts you whenever you try to install apps from a third-party source. It is always important to not ignore such alerts and be sure to stick only to apps that comes from a reliable source.
The fake Facebook Lite in question, according to the report, originates from China [not so much of a surprise there in my opinion].
“This infected version of Facebook Lite originates from China based on characters found in the code. China does not have access to Google Play and relies on third party apps stores that sometimes contain malicious apps like this. If you in a country that has access to Google Play, we suggest using it over third party apps stores to avoid such infections.”
That is so obvious because you wouldn’t expect a malware infected version of the app to have originated from the Google Play Store. The truth is, installing apps from anywhere else, but the Play Store is akin to leaving the door to your apartment unlocked all the time.