Android Phones Susceptible to 'FluBot' Malware

John Lister's picture

Scammers have developed a new tactic to spread malware. It's a piece of evil genius with the emphasis strictly on the evil.

The scam involves a piece of malware that targets Android phones. It's dubbed FluBot, though that appears to be more a reference to the way it's designed to quickly spread rather than having any connection to human illnesses.

FluBot first appeared earlier this year in a fairly conventional form. It starts with unsolicited text messages claiming to be from a courier company that was unable to make a delivery. The culprits appear to have been taking advantage of people doing more online shopping following lockdown periods, but now being more likely to be out of the house and miss deliveries.

The messages include a link to a page with a button that supposedly downloads a dedicated app for rearranging a delivery and then tracking its progress. Instead, it's actually malware that appears mainly designed to try to access financial account logins. It also sends copies of the original text message to other phones, hence the virus-like spreading.

Security researchers highlighted the problem and in the past few weeks government agencies in countries including New Zealand ran awareness campaigns. That's when the scammers unleashed their new twist.

Bogus Warning

The download page no longer offers a tracking app but instead shows what appears to be a warning page with white text on a red background reading:

Your device is infected with the FluBot malware. Android has detected that your device has been infected. FluBot is an Android spyware that aims to steal financial login and password data from your device. You must install an Android security update to remove FluBot.

The message finishes with a button marked "Install security update." (Source: threatpost.com)

Android At Risk

Of course, this is all a lie. The phone showing this message does not have FluBot... until, that is, the user clicks the button which, rather than remove the malware, starts the process of installing it.

Although the messages have appeared on iPhones, FluBot appears to only be a risk to Android phones. The best advice is to never click on a link in a text message without first verifying it from the supposed sender. (Source: lifehacker.com)

What's Your Opinion?

Have you seen such messages? Are you surprised by the creativity of the scammers? How confident are you that you can spot such scams?

Rate this article: 
Average: 4.8 (13 votes)

Comments

eric's picture

I can't believe people still fall for this kind of scam.