Malware

‘FluBot’ Malware Delivery Via SMS Texts Targets Android Devices

A text message scam that infects Android phones is spreading across the UK, warns the country’s National Cyber Security Centre.

The message which pretends to be from a package delivery firm, prompts users to install a tracking app – but is a malicious piece of spyware.

A malicious piece of spyware, known as ‘FluBot’ is installed when a victim receives a text message, asking them to install a tracking app due to a ‘missed package delivery’. The tracking app is spyware that steals passwords and other sensitive data.

It will also access contact details and send out additional text messages, further spreading the spyware. The text message requests that victims click a link, upon clicking the link directs them to a scam website.

Directs to a scam website (Branding may vary):

  1. Users of Android devices (such as those manufactured by Google, Huawei and Samsung) will be encouraged to download an app.
  2. Users of Apple devices are not currently at risk, although the scam text messages may still redirect them to a scam website which may steal your personal information.

When a scam text message is received:

  1. Do not click the link in the message, and do not install any apps if prompted.
  2. Forward the message to 7726, a free spam-reporting service provided by phone operators.
  3. Delete the message.

The U.K.’s National Cyber Security Centre (NCSC) advises that “If you were expecting a DHL delivery, you should visit the official DHL website (track.dhlparcel.co.uk) to track your delivery. Do not use the link in the scam text message”.

If you have already clicked the link to download the application:

Upon clicking the link to download the application the victim should clean the device, as their passwords and online accounts are now at risk from hackers.

It is advisable to perform a factory reset as soon as possible. The process for doing this will vary based on the device manufacturer. Note that if you don’t have backups enabled, you will lose data.

After you set up the device after the reset, it may ask you if you want to restore from a backup. You should avoid restoring from any backups created after you downloaded the app, as they will also be infected.

How to Protect Your Accounts:

If you have logged in to any accounts or apps using a password since downloading the app, that account password needs to be changed.

Additionally, if you have used these same passwords for any other accounts, then those passwords also need to be changed. To prevent future attacks, NSCS said users of Android devices, check that Google’s Play Protect service is enabled if your device supports it. Some Huawei devices provide a similar tool to scan devices for viruses. This will ensure that any malware on your device can be detected and removed.

Also Read

Hackers Compromised APKPure Android App Store to Deliver Malware

Malicious App in Google Play Store Hijack SMS Message Notifications to Commit Billing Fraud

Guru Baran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Multiple Splunk Vulnerabilities Attackers Bypass SPL Safeguards : Patch Now

Splunk Inc. has disclosed two significant vulnerabilities within its software suite, posing a considerable risk…

3 hours ago

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report that highlights…

16 hours ago

C2A Security’s EVSec Risk Management and Automation Platform Gains Automotive Industry Favor as Companies Pursue Regulatory Compliance

In 2023, C2A Security added multiple OEMs and Tier 1s to its portfolio of customers,…

17 hours ago

Apple ID “push bombing” Attack Targeting Apple Users to Steal passwords

Apple users are falling prey to a sophisticated phishing campaign designed to hijack their Apple…

19 hours ago

Hackers Using Weaponized Virtual Hard Disk Files to Deliver Remcos RAT

Hackers have been found leveraging weaponized virtual hard disk (VHD) files to deploy the notorious…

20 hours ago

NVIDIA ChatRTX For Windows App Vulnerability Let Attackers Escalate Privilege

A security update released by ChatRTX on March 26th, 2024, addresses two vulnerabilities (CVE-2024-0082 and…

24 hours ago