FluBot, the new great threat to Android mobiles
Cybersecurity centers in Spain and other countries warn of the danger of this new malware that has already managed to infect more than 60,000 Android phones, stealing their passwords and further spreading the chain of infected.
Through a simple SMS, using phishing techniques, users end up installing malware on their smartphones capable of almost completely taking control of the device and accessing bank accounts of other personal information. This is how FluBot works.
The “modus operandi” of this malware begins with falsify an SMS from a courier company such as FedEx, in which the user is assured that the delivery of a package at home. In the message, the victim is asked to access a link where he can supposedly download an application to follow the delivery process of this shipment. It is all false, the link leads to a malware that infects the entire device.
Once FluBot is installed, it sneaks into the smartphone software to access the phone’s contact library to continue sending SMS to other people and thus extend the chain of infected. Furthermore, this malicious software is able to steal confidential information from victims such as their passwords and access to bank accounts at the same time.
The alarm has spread throughout much of the market, operators such as Vodafone have issued alerts, as well as institutions focused on national cybersecurity such as the INCIBE in Spain or the NCSC of the United Kingdom. The Swedish cybersecurity company PRODAFT issued a report in which assured that this malware has attacked 60,000 devices, being more than 90% of them Spanish.
One of the main dangers, as they show other media, is the personalization of the messages. By having access to the victim’s contact list, the next SMS that the malware sends to continue infecting are addressed with their own name, which gives them a more trustworthy aspect than that of an impersonal message.
Once this so-called application is downloaded, the criminal activity of the software is almost imperceptible until the victim discovers problems in their bank accounts. Before it is necessary to give it a series of somewhat excessive permissions for a delivery tracking application, a detail that can set off user alarms if they read them carefully.
Theft of bank accounts can arrive a chilling figures such as 50,000 euros. This malware is especially dangerous because of the ease with which it has spread in recent months, but its techniques are similar to many other cyber attacks. Therefore, it is important to learn certain safety guidelines:
- Before emails, SMS or any message, confirm the authenticity of the issuer if possible, checking email address or any details such as spelling that reveals the attacker.
- Do not click on any link or download any application or document from the same message. Go to the official website of that company that claims to have a shipment for us and check it there.
- Read carefully all the permissions that we grant to the applications we install.
- In case of doubt, consult official sources in case it is a scam. Institutions such as INCIBE have a telephone line for these problems and often share information and advice on new threats on the network.
- Report to the police and other authorities any theft or attack suffered.