Named FluBot, the new malware targets passwords and bank cards saved on Android devices, along with other potentially valuable data.
The main way to spread seems to be to send SMS messages, written to suggest that they were sent by a courier company. The SMS message requests the activation of a link to track the delivery of a fictitious package. The potential victim is lured into a phishing trap, the site visit requesting the installation of an application that would further facilitate the tracking of the delivery process.
Once infiltrated on the victim’s phone, FluBot requests additional permissions to access the contact address, which it uses to forward SMS containing the “invitation” to the phishing site.
It seems that this malware has been the most widespread in the UK. NCSC (National Cyber Guidance Security Center) authority responding by sending alerts on how to identify and remove FluBot. Similar alerts have been sent by local mobile operators.
By mimicking fake DHL or Amazon deliveries, FluBot is most easily exposed by the suggestion of installing an Android application (APK) that does not come from a reputable app store. To avoid such pitfalls, it is recommended to install mobile apps only if they come from reputable app stores such as Play Store or App Store. Fortunately, help in this regard is provided by Google itself, as recent versions of Android are configured to implicitly refuse to install applications from unverified sources.
Robert J. Smith is still early into his career as tech reporter but has already had his work published in many major publications including JoyStiq and Android Authority. In regards to academics, Robert earned a degree in business from Fordham University. Robert has passion for emerging technology and covers upcoming products and breakthroughs in science and tech.