Flubot, a new Android malware, targets bank card passwords and data

Named FluBot, the new malware targets passwords and bank cards saved on Android devices, along with other potentially valuable data.

The main way to spread seems to be to send SMS messages, written to suggest that they were sent by a courier company. The SMS message requests the activation of a link to track the delivery of a fictitious package. The potential victim is lured into a phishing trap, the site visit requesting the installation of an application that would further facilitate the tracking of the delivery process.

Once infiltrated on the victim’s phone, FluBot requests additional permissions to access the contact address, which it uses to forward SMS containing the “invitation” to the phishing site.

It seems that this malware has been the most widespread in the UK. NCSC (National Cyber ​​Guidance Security Center) authority responding by sending alerts on how to identify and remove FluBot. Similar alerts have been sent by local mobile operators.

By mimicking fake DHL or Amazon deliveries, FluBot is most easily exposed by the suggestion of installing an Android application (APK) that does not come from a reputable app store. To avoid such pitfalls, it is recommended to install mobile apps only if they come from reputable app stores such as Play Store or App Store. Fortunately, help in this regard is provided by Google itself, as recent versions of Android are configured to implicitly refuse to install applications from unverified sources.

You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *