FluBot Malware: What to Know About This Android Threat
If you’re an Android user, you need to know about FluBot. The scam first appeared in late 2020 and is now spreading like wildfire through Android devices, using SMS messages to trick users into downloading malware. Let’s break down what happens when your device comes down with a case of the FluBot
Android OS has just over 70% market share in the global smartphone operating system market. For cybercriminals, it’s an irresistibly large pool of prospective targets. That’s why Android has been an evergreen target for hackers — if even a small number of their attacks succeed, the rewards can be enormous.
One of the newer threats in town is FluBot malware. It started spreading in Europe earlier in 2021 before spreading to Australia and New Zealand in August. It is still active and is spreading rapidly.
In this article, we’ll answer the following questions:
What Is FluBot Malware? Defining FluBot Android Malware
FluBot, which BleepingComputer says is also known as Fedex Banker and Cabassous, is a type of malicious software that infects Android smartphones and devices via SMS text messages. Once infected, the malware gives hackers access to the operations of the affected Android device.
Once a user downloads the malware, the hackers can use their access to do one or all of the following:
How FluBot Infects Android Devices: A Look at FluBot Scam Messages
FluBot travels via SMS text messages, sending a link as part of the messages to recipients. Although both Android and Apple phones can receive messages carrying FluBot, only Android devices can be infected by the malware. Messages may talk about an incoming delivery, a software update, or even state that your phone has been infected with malware or that you have been part of a data breach.
The common factor is that each message contains a link to a download page. These links are usually disguised as one of the following to entice you to download and install the software:
In reality, the link takes the victim to a FluBot malware download page. Your device won’t become infected unless you download and install the malware. If you receive any unsolicited SMS messages relating to these topics, exercise extreme caution and avoid clicking on any links.
Here’s a quick example of how the message looks and what occurs when you click on the fraudulent link:
What Damage Can FluBot Malware Cause?
It seems that FluBot is spreading to every corner of the globe. According to Proofpoint’s estimates, there were 7,000 devices infected with FluBot in the United Kingdom (U.K.) by April 2021, with tens of thousands of malicious SMS messages being delivered every hour. In Australia, the government’s Scamwatch service received more than 16,000 reports of FluBot scams between August and October 2021 alone.
But what happens once a device is infected? Once installed on an Android device, FluBot can:
A disturbing aspect of FluBot malware is that you won’t see typical symptoms of infection such as your phone slowing down or the screen freezing. You’ll likely only notice FluBot when it’s too late — after the scammer has already done something nefarious.
How Do I Know If I Have FluBot? 3 Key Warning Signs to Look Out For
Detecting a FluBot malware infection can be challenging. However, Telstra shares three warning signs that you can look out for on your devices:
My Phone Got Infected with FluBot — Now What?
If you suspect that your phone is already affected by FluBot, you must act quickly to limit the damage and stop the malware from spreading further. Here’s what you need to do:
So far, no anti-malware company has claimed that they can successfully detect and remove FluBot. That’s why, for now, a factory reset is the only way to get rid of it.
How to Prevent FluBot Scams From Infecting Your Organization’s Devices
Please note that your phone can’t be infected with FluBot malware unless you or one of your employees downloads the software. That means, even if you receive the text message that you open and click on the link, the virus can’t invade your phone unless you download the malware-laden software. Your device will show a security warning before downloading the software. If you abandon the download at this stage, you’ll still be safe.
Here are some basic awareness tips to help you avoid FluBot:
Final Thoughts on FluBot Malware
Imagine your friend calling you asking about the SMS he received from you, but you have no clue about it. Or receiving a message about a financial transaction from your bank account that you didn’t make. These types of incidents take place if your device is infected with the FluBot malware.
If you are an Android user who has opened a link from a text message and downloaded software, there’s a high chance that your device is affected by FluBot malware. Please follow the steps described in this article to protect your phone from further damage.
Manage Certificates Like a Pro
14 Certificate Management Best Practices to keep your organization running, secure and fully-compliant.
This content was originally published here.