Business Today
Loading...

FluBot malware asks Android users to track package delivery using link, then steals bank details

FluBot is installed via text messages claiming to be from a delivery company that asks users to click a link to track package delivery. The phishing link then asks users to install an application to follow the fake delivery.

twitter-logoIndia Today Tech | April 28, 2021 | Updated 19:05 IST
(Picture: Reuters)

Highlights

  • FluBot is malware then can get access to affected users’ personal details.
  • The malware comes in disguise as a delivery company that directs users to click on a link to track the package delivery.
  • The malware is spreading and widely affecting users in the UK, Spain, Germany, and Poland.

Are you in the habit of clicking on links that you get through SMSes? If yes, you may want to be careful and give a second thought before you click on a random link to track delivery or to download something, because that link could cost you. Reports of a new malware called FluBot spreading fast in the UK in disguise of package delivery tracker have surfaced. The malware is installed via text messages and claims to be from a delivery company that directs users to click on a link to track the package delivery. The phishing link then asks users to install an application to track the delivery. The app in reality is malware that steals information from affected Android phones.

The malware is spreading fast and widely affecting users in the UK, Spain, Germany, and Poland. The UK's National Cyber Security Centre (NCSC) has issued security guidance to identify the malware and network providers like Vodafone UK have issued warnings to users over the text message attacks. The NCSC says that affected users must reset their devices as soon as possible as the malware cannot survive a full data wipe. It also directs users to not log into any new accounts to prevent their data from getting compromised. Further, they should change passwords as the virus may have compromised the passwords too.

FluBot is installed via text messages claiming to be from a delivery company that asks users to click a link to track package delivery. This phishing link asks users to install an application to follow the fake delivery. When an Android user clicks on this phishing link, he is redirected to a website that takes users to third-party sites to download malicious APK (Android Package File) files. The report notes that such files are usually blocked by default to protect users from attacks, however, the fake websites give users information on how to go about the protections to download FluBot.

First reported by BBC, the malware takes over devices and spies on phones to gather sensitive data, like passwords, banking details, and even the address book through which the fake message can be sent to other users in the affected user's contact book.

  • Print
  • COMMENT
BT-Story-Page-B.gif
A    A   A
close