FluBot Is Stealing Passwords through Android Devices. There’s a new malware threat you need to be aware of, and it recently made its way onto the UK’s National Cyber Security Centre’s radar.
FluBot’s design is to steal information, including passwords and banking particulars. There are a couple of interesting aspects about this threat that are noteworthy.
First, iFluBot is currently being spread exclusively via text message. A potential victim will get a text claiming to be from a shipper. The text will include a link that the user can tap to install a package tracking app. Of course, there is no package and thus, no package tracking app, so if the user taps this link, it will install the FluBot malware stealing your passwords.
Worse, the code contains a module that gives FluBot worm-like capabilities. That allows it to access the victim’s contact list and send poisoned texts to each person on that contact list, allowing it to spread like wildfire.
FluBot is Currently in Europe
For the moment, the aptly named FluBot is circulating primarily in Europe. However, given the peculiar nature of its spread mechanism, it could easily jump to the United States with a vengeance or any other part of the world.
Unfortunately, there’s no good defense against FluBot at present, aside from education and awareness. Ensure your employees are aware of the threat of Flubot Stealing their passwords and are careful not to click on any links promising to track packages, even if they’re expecting a delivery. It is far better to open a new browser window, type in the URL of the shipper you’re expecting a package from, and track the package that way. That is, rather than risking a FluBot infection that could put a wide range of sensitive Android data at risk and cause problems for everyone on your contact list.
Stay vigilant. This won’t be the last threat to emerge in 2021.