FluBot, the quickly spreading Android malware, aims to steal your bank details, passwords, and other sensitive data. The malware is introduced to users’ phones through a phishing link claiming that it’s meant to track package delivery. It prompts you to install a tracking program, which is, in fact, a malicious application.
FlueBot uses the victim’s address book to send another chain of text messages with malicious links. The message usually states that it is from DHL delivery service, but other notable brands can be mentioned as well, including Amazon, Asda, and Argos. When a person clicks on the link, it redirects them to a third-party site containing a link to a malicious APK (Android Package) file. Most Android devices have default settings to block these files to protect users, but the website gives step-by-step instructions to circumvent these preventive measures.
Once installed, FlueBot obtains the necessary permissions to access and steal any sensitive information you might have on your phone. While this spyware is directed at Android devices, iPhone users are advised to take caution as well.
The UK’s National Cyber Security Center (NCSC) has issued a warning about the threat of FlueBot malware and the steps to take if you have already downloaded the malware.
“This has the potential to become a denial-of-service attack on mobile networks, given the clear risk that a rogue application can be installed on users’ smartphones and start spewing out endless text messages,” said Ben Wood, chief analyst at CCS Insight.
Vodafone, a British multinational mobile network operator, reported that millions of text messages were already sent across multiple operators, stealing passwords from a significant number of users. Keeping your anti-malware software updated and using a secure password manager for Android are just some of the steps that experts recommend for keeping your sensitive data safe.