Beware of FluBot malware (Android-iOS)

Why FluBot is a major threat to Android users, how to avoid it, and how to get rid of malware if your device is already infected.

The malware Android known as FluBot continues to wreak havoc in some European countries and there is speculation that cybercriminals hiding behind it may decide to strike in other geographical areas, such as the United States.flow

The FluBot malware targets mainly Android and iPhone users and was first discovered in Spain in late December 2020 by cybersecurity company ESET. Apart from Spain, it has spread to Germany, Poland, Italy and the Netherlands to date, and it is very likely that the cybercriminals behind it will decide to target other countries, including Greece.

Από το τέλος Δεκεμβρίου 2020 έως το τέλος Φεβρουαρίου 2021, ο κύριος στόχος του FluBot ήταν σαφώς οι Ισπανοί χρήστες Android. Στα τέλη Φεβρουαρίου, σύμφωνα με εκσεις, έως και 60.000 συσκευές Android στην Ισπανία είχαν πέσει θύματα του FluBot. Επιπλέον, περισσότεροι από 11 εκατομμύρια αριθμοί τηλεφώνου, σχεδόν όλοι ανήκουν σε κατοίκους της Ισπανίας, είχαν πέσει στα χέρια των χειριστών του FluBot.

Here's why you need to be careful
If someone falls victim to a malicious attack, then the cybercriminal gains access to his device. This means that the cybercriminal will be able to steal credit card numbers and gain access to the victim's online bank accounts.

So he deceives his victims
The victim first receives an SMS message that appears to have been sent by a well-known logistics company, such as FedEx, DHL and, in the case of Spain, Correos.

The message prompts the user to click on a link to download and install an application that appears to belong to the same company as the one that sent the SMS.

It's actually a malicious application that has the FluBot malware built into it. A sample of the SMS message and the application installation message (in German) can be seen below:
ceea7a9e 27c9 462b 8326 10eb41a3aee1

498c7356 a6c4 4cb1 ab8d eee7af626a54

7f7d45e9 c5c3 42a8 beb8 97678751cd1d

Once installed and licensed, FluBot releases a host of features, including SMS spamming, credit card and credit card number theft, and spyware software.

The contact list is then sent to servers under the control of fraudsters, providing them with additional personal information and allowing them to launch new attacks on other potential victims.

Cybercriminals can intercept SMS messages and notifications from telecom companies, open browser pages and by using cloaking techniques , να ζητούν και να αποσπούν διαπιστευτήρια.

The malicious application also disables Google Play Protect to prevent detection by embedded operating system security. Also, due to the permissions granted, cybercriminals are able to block the installation of anti-malware solutions by third parties.

What can you do

If you receive an unknown or unexpected SMS with a link, avoid clicking on the link and delete the message immediately.

Εάν το κακόβουλο λογισμικό έχει εγκατασταθεί σε μια συσκευή και έχει πραγματοποιηθεί τραπεζική συναλλαγή ή άλλη δραστηριότητα από τότε που πραγματοποιήθηκε η εγκατάσταση, επικοινωνήστε με τους ενδιαφερόμενους οργανισμούς αμέσως και μπλοκάρετε την πρόσβαση. Επίσης, όπου χρειάζεται, αλλάξτε κωδικούς πρόσβασης – θυμηθείτε να τε μοναδικούς και ισχυρούς κωδικούς πρόσβασης.

It is also worth noting that these tips will help you protect yourself from other Android malware executives.

In recent days, cybercriminals have begun targeting Europeans with TeaBot (also known as Anatsa or Toddler). This is a family of Android malware that uses exactly the same technique as FluBot to spread and entice users to disclose their sensitive data.

FluBot and TeaBot are detected by ESET products as variants of the Android / TrojanDropper.Agent family. The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.


Written by newsbot

Although the press releases will be from very select to rarely, I said to go ... because sometimes the authors are hiding.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).