A new Android malware called Flubot is spreading in Europe. FluBot steals passwords and login information to your online accounts, personal details, and banking information. The information is used to make payments (or in other words: steal your money), account takeover and online identity theft. FluBot also sends SMS messages to new victims and spreads itself further. All of this is done without the users’ knowledge.
FluBot has so far been detected mostly in European countries. It’s likely to spread also to the rest of the world if the threat actors behind it aren’t stopped.
Here’s how FluBot works
An infected device sends an SMS message that contains a phishing link. The message claims it has been sent by some well-known delivery service, like DHL, UPS, FedEx, Correos, or Amazon.
The message tells there’s a package in delivery and prompts the receiver to install a tracking app to settle the delivery time. Following the provided link, the victim downloads the malware that is masked using the delivery company’s name and logo.
Once downloaded, the “tracking app” that actually is FluBot, asks for accessibility permissions. If granted, the malware grants itself more extensive app permissions and becomes a system app. Then it can start its work.
How to stay safe from FluBot and other mobile malware
There should be no illusion about this: mobile phones are not immune to online threats. Malware, phishing, unsafe networks, and other threats for mobile phone users also exist. FluBot is just one of the newest threats out there. Here’s a few things you can do to protect your mobile phone and digital life on the go.
1. Use antivirus for mobile devices
Malware targeting mobile devices is getting more common. While official app stores are not likely to spread malware, you can get infection from other sources.
2. Don’t open suspicious links
Check the email address of the sender. Due to the smaller screen space, most mobile email apps show only the name of the sender, not their address. Mobile devices are also used on the go, which makes it easier to fall for phishing scams. Don’t open suspicious links. Remember, no reputable company or authority will ask for personal information through email or SMS.
3. Avoid shady apps
While there’s no unambiguous way to tell a suspicious app from a genuine app, start by thinking what you use it for. If it’s not necessary, there’s no point in getting it. If it doesn’t work for you, delete it immediately. In case of tracking packages, you can typically do that on the carrier’s website and don’t need a separate app for that. Don’t download apps from unofficial appstores and remember that it’s not a good idea to enable the “Install from Unknown Sources” option.
4. Don’t give apps unnecessary permissions
Like in FluBot’s case, granting app permissions can enable malware and other suspicious apps to do malicious tasks. It can also lead to data leakage. Always consider what permissions you grant to apps. Why do they need them?
As an iPhone user, do I have to care about FluBot?
The malware itself isn’t a threat to iPhone users, but the phishing website can still be dangerous. Don’t open any suspicious links and be careful about what personal information you give to online services. The 4 tips provided earlier are useful for iPhone users as well.