Flubot Malware Infecting Android Mobile Devices

Owners of Android mobile devices, phones in particular, living in the UK have recently been targeted by a new malware campaign. The malware in question is called Flubut and acts as spyware.

Flubot is being disseminated using fake delivery messages. The bad actors running the operation send fake "missed package delivery", relying on victims to tap a malicious link in the text message and install an equally fake tracking application. In reality, what is being installed is a spyware malicious Android app that can steal your passwords as you work with your device.

The Flubot spyware, once deployed on a victim's phone, will also scan their contacts and send further malicious fake text messages to any contacts found, propagating itself further.

Even though users who own an Apple phone appear to be safe at the moment, this scam may in the future be used to redirect them to a newly installed malicious website that can also steal personal information and passwords.

The crooks running the current operation using Flubot have chosen to mimic the layout and look of real DHL messages. Of course, this can change in the future, if a new push to spread Flubot decided to rebrand the messages and abuse another popular shipping service brand name.

Security experts warn that anyone who received similar messages should not tap or visit any of the links contained in them and should just use the official DHL tracking portal instead. It seems a device can be salvaged, assuming you clicked the link but never entered any passwords or sensitive information. Security experts recommend a complete factory reset of the device.

Of course, that will often lead to significant data loss but that is always preferable compared to all your passwords being stolen and your important and potentially sensitive accounts being compromised.

The fact that the fake DHL-branded Flubot messages ask the victim to download an Android .apk application package that is a raw file and is not hosted on the official Google Android app store should be a pretty significant red flag for any users who are a bit more tech savvy. However, a lot of people are in a hurry and don't really stop to think what they are doing on their phone, so the Flubol spyware can be a very real threat to everyone.

April 27, 2021

Leave a Reply