In order to enter a victim’s device, the FluBot malware infects Android phones, which are frequently used to send fraudulent text messages.
Bitdefender Labs researchers have identified several new ways for the FluBot virus to spread on Android devices.
Perpetrators can target consumers in many countries worldwide using various methods such as sending fake emails or SMS. They then disguise the malware as an official app on the Play Store.
Sending mails under the guise of a package delivery firm is one method the scam is carried out. The criminals also offer the victim to install a tracking application, which is harmful malware.
During their investigation of Flubot, they discovered that the virus had been camouflaged as a QR code reader.
According to reports, Teabot has been downloaded over 100,000 times from the Google Play Store and is available in 17 different variations.
FluBot is reported to be able to take control of devices and spy on target phones to capture sensitive data such as online banking information.
Because FluBot can send text messages to many infected users’ contacts, the malware can quickly infect a large group of users.
The loss of very sensitive personal data from users’ phones poses a more significant risk.
According to the website it-finanzmagazin.de, the cybercriminals behind this infection are waging a new devastation campaign against smartphone users in Europe. The purpose was to distribute malware across Europe to steal personal banking data from mobile phones. Germany was the hardest impacted, accounting for 37.39 percent of all observed assault attempts.
FluBot’s operations have primarily targeted European countries. Therefore the recent campaign in Australia has scarcely been noticed. Germany leads the way with 37.39 percent of attacks observed, followed by Romania with 31.55 percent and the United Kingdom with 17.55 percent. Poland, Spain, Sweden, Austria, Finland, and Denmark followed with a smaller share.
The spyware is disguised as SMS messages from various well-known service providers, including DHL, UPS, Google Chrome, and WhatsApp. SMS-based phishing (smishing) employs voice messages purporting to be from various well-known services – generally parcel delivery services – to persuade users to install malware hidden behind programs that play audio content.
The attackers’ stated goal is for the victim to install Flubot independently. After being downloaded, the malicious app will request access permissions to various critical smartphone services and data.
According to Bitdefender, smartphone users can install a security program to recognize FluBot and protect themselves from social engineering assaults on mobile devices. Additional security is provided by a defensive function that identifies fraud and prevents smishing attacks even before the user interacts with dangerous information.