FluBot is a recently known malware that is affecting users in UK, Spain, Germany, and Poland. The main aim of FluBot Malware is stealing passwords, bank details and other sensitive information through Android devices.
FluBot is installed via text SMS on the victim’s phone, claiming it is from a delivery company and will be provided by a link to track the delivery package – but the app is actually malware for stealing sensitive information from Android phones. Hence, once the user clicks on this link it will lead the user to install an application to help in tracking the fake delivery.
Such malicious files are usually blocked by the browser by default to protect the user from such kinds of phishing attack, but the fake websites provide information on how to bypass these protections and allow FluBot to be installed.
Once installed, FluBot also gains access to the user’s address book, so it can send the infected text SMS to all the contacts from the address book, further spreading the malware. While the malware can only infect Android devices, Apple users are also urged to be cautious about text SMS.
The UK’s National Cyber Security Centre (NCSC) has issued security guidance about how to identify and remove FluBot malware, while other Network providers like Vodafone UK have also issued warnings to users over text SMS attacks.
Meanwhile, the NCSC has warned people who’ve already infected by this malware, to not login to any additional online accounts to prevent their data from getting hacked. They have to perform a factory reset of their phone as malware cannot survive in such conditions.
In order to avoid falling users to similar attacks, it’s recommended that users only install applications from official app stores.