The FluBot malware continues its evolution and returns to the forefront of the most dangerous threats for Android smartphone users. A new attack campaign is currently underway. FluBot malware is a banking trojan that intrudes on your phone to steal your login information and banking information. And this using a fake app that you downloaded.
A life-threatening threat
According to our colleagues from Presse Citron, the modus operandi of criminals is quite simple. It all starts with a text message that the victim receives alerting him that he has received a voice message. Except that by trying to open that message, the person is asked to perform a security update for the benefit of their device.
Of course, there is no need for you to perform said update. It’s not even an update but spyware. If you ever download it, it will ask you for permission to access the phone’s accessibility features.
This fake application will allow criminals to automatically receive the bank details of their victims. Everything takes place in a completely discreet way. The FluBot malware works independently, once installed on your smartphone, it automatically sends your data to its sponsor.
European Police Office Europol announced on Wednesday the launch of the spyware “Flubot”, which attacked Android mobile phones via SMS to steal sensitive information, passwords or banking information
➡️ https://t.co/ySdNBEbWX4 pic.twitter.com/FYqwmzXtTZ
– Pariseren (@le_Parisian) June 1, 2022
Unfortunately, there is no security system that is able to prevent it from sending the collected information to an Android phone. So far, nothing will be able to protect you from this malware. The only thing you can do is never click on a link you received via text message or other messaging platform until you know what is happening.
Avoid clicking on suspicious links
Many people agree to grant permissions that apps request, without really thinking about what they are doing. It is a state that criminals exploit to find their way through multiple systems.
If these authorization requests have been introduced, there is a reason. It would therefore be wise not to open the door of your smartphone for any application. Avoid giving third-party apps access to your phone’s accessibility features unless you’re sure what you’re doing.
Accessibility features allow malware to bypass the security devices installed on your smartphone. FluBot exploits this bug to spy on everything you do on your mobile device. It scans everything displayed on your screen and sends all data resembling IDs or credit card numbers.
SMS Removing SMS-based FluBot spyware 🚨
International Law Enforcement Operation involving 11 countries
🔹 Fastest spread mobile malware to date ⏩📱
🔹 Android malware has now become inactive ✋🛑
More ➡️ https://t.co/YcMC5XRS6o pic.twitter.com/ksPuSHk6aW
– Europol (@Europol) June 1, 2022
Beware of suspicious emails or text messages. Also, avoid opening attachments that come with strange messages. The US company is currently working on a solution to protect the system from threats of this type. Once the fixes are published, it will be urgent to update your system to protect yourself from this type of attack. Finally, always remember to use two-factor authentication systems to protect all your passwords.
IPhones are not saved
Although we only talked about Android so far. Headphones are far from being spared from this threat. Unlike Android, it is not easy to break into the closed ecosystem that is iOS. So hackers had to go through the TestFlight beta system to break into the products sold by Cupertino.
After clicking on a link received by SMS / WhatsApp and other messaging apps, a short download begins. When done, you will be prompted to access your phone’s accessibility features immediately.
To protect us from this threat, we therefore advise you to install one of the best antivirus on iPhone. These apps typically use a VPN tool that completely blocks all domain names that may be associated with malicious operations.
Finally, we advise you to never click on links received via SMS / WhatsApp and other messaging applications, regardless of the brand on your phone. And that unless you know where it’s coming from.