The FluBot malware continues its evolution and returns to the forefront of the most dangerous threats for Android smartphone users. A new attack campaign is currently underway. The FluBot malware is a banking Trojan that intrudes on your phone to steal your login credentials and banking information. And this, using a fake app that you downloaded.
A life-threatening threat
According to our colleagues from Presse Citron, the modus operandi of criminals is quite simple. It all starts with an SMS that the victim receives warning him that he has received a voice message. Except that by trying to open the message in question, the person is asked to perform a security update for the good of their device.
Of course, there is no reason for you to perform said update. It’s not even an Update, but spyware. If you ever download it, it will ask your permission to access the phone’s accessibility features.
This fake application will allow criminals to automatically receive the bank details of their victims. Everything is done in a totally discreet way. The FluBot malware works independently, once installed on your smartphone, it will automatically transmit your data to its sponsor.
The European police office Europol announced on Wednesday the dismantling of the spyware “Flubot”, which attacked Android mobile phones via SMS to steal sensitive information, passwords or bank details
➡️ https://t.co/ySdNBEbWX4 pic.twitter.com/FYqwmzXtTZ
– The Parisian (@le_Parisian) June 1, 2022
Unfortunately, there is no security system capable of preventing it from sending the harvested information to an Android phone. For now, nothing will be able to protect you from this malware. The only thing you can do is never click on a link you received via text message or other messaging platform until you know what’s going on.
Avoid clicking on suspicious links
Many people agree to give permissions requested by apps without really thinking about what they are doing. It’s a state of affairs that criminals exploit to make their way through multiple systems.
If these authorization requests have been introduced, there is a reason. It would therefore be wise not to open the door of your smartphone to any application. Avoid giving third-party apps access to your phone’s accessibility features unless you’re sure what you’re doing.
Accessibility features give malware the ability to bypass the security devices installed on your smartphone. FluBot exploits this flaw to spy on everything you do on your mobile device. It scans everything that appears on your screen and sends any data that looks like IDs or credit card numbers.
🚨 Takedown of SMS-based FluBot spyware 🚨
🔹 International law enforcement operation involving 11 countries 🌍🚔
🔹 Fastest-spreading mobile malware to date ⏩📱
🔹 The Android malware has now been rendered inactive ✋🛑
More ➡️ https://t.co/YcMC5XRS6o pic.twitter.com/ksPuSHk6aW
— Europol (@Europol) June 1, 2022
Beware of suspicious emails or text messages. Also avoid opening attachments that come with strange messages. The American firm is currently working on a solution to protect the system from threats of this type. As soon as the patches are published, it will be urgent to update your system in order to protect yourself from this kind of attack. Finally, remember to always use two-factor authentication systems to protect all your passwords.
iPhones are not spared
Even if we were only talking about Android, so far. Head phones are far from being spared from this threat. Unlike Android, breaking into the closed ecosystem that is iOS is not easy. So hackers had to go through the TestFlight beta system to break into the products sold by Cupertino.
After clicking on a link received by SMS/WhatsApp and other messaging apps, a brief download will be initiated. Once complete, you will be prompted for access to your phone’s accessibility features right away.
To protect ourselves from this threat, we therefore advise you to install one of the best antiviruses on iPhone. These apps typically use a VPN tool that completely blocks all domain names that may be associated with malicious operations.
To conclude, we advise you never to click on links received by SMS/WhatsApp and other messaging applications, regardless of the brand of your phone. And that, unless you know where it comes from.