Cybercriminals are leveraging Facebook to target vulnerable populations, notably seniors, through fake groups designed to distribute malicious Android applications. These campaigns combine social engineering with malware that can steal sensitive information and compromise financial accounts.
Security researchers at ThreatFabric have uncovered numerous fake Facebook groups created with AI-generated content to appear genuine. The groups (many with names such as “Senior Group,” “Lively Years,” “ActiveSenior,” and “DanceWave”) aim to lure seniors interested in travel, dance classes, and community events from different countries into downloading malicious apps under the guise of registering for activities or events.
Once members are engaged, they may be prompted to download a Android application, often hosted on external servers like. In some cases, victims are also asked to pay sign-up fees via the website, leading to further phishing and credit card theft.
The malware deployed in these scams typically includes the Datzbro Trojan and, occasionally, Zombinder. Datzbro, a sophisticated threat with spyware and trojan capabilities. It can record audio and video, access personal files, display fake login overlays to steal passwords, and allow remote control of infected devices including locking or unlocking the screen. While focused on Android, the placeholder options for iOS applications in some groups hints at potential future targeting of iPhone users.
Many of the involved Facebook groups have been removed, bu the threat persists and new malicious groups could emerge.
To stay safe, users should always verify the authenticity of social media groups especially those offering too-good-tobe-true promises or requesting personal information, avoid clicking on unknown links, and ensure their devices are protected with latest system updates, and up-to-date anti-malware software.
This ongoing campaign underscores the importance of digital vigilance, especially among vulnerable users who are common targets for cybercriminals seeking to exploit trust and social engagement for malicious gain.
Explore the detailed research report and further insights on ThreatFabric’s official blog.
Leave a Reply