The threats people face online continue to change and evolve. NortonLifeLock researchers have been tracking one of these threats, FluBot, since it began to spread across Europe in April 2021. This mobile malware infects and steals data from the phones of unsuspecting victims, highlighting the importance of Download full security to help keep devices and data safe.
What is FluBot?
The malware of the moment, which is making the headlines, is the aptly named: FluBot. It is a banking Trojan, which means it is designed to appear legitimate to the recipient. He texted unsuspecting targets, claiming they missed a call or have a new voicemail, sometimes masquerading as well-known institutions, like parcel delivery services or trusted banks . Once someone unsuspectingly clicked on the link, they unfortunately gave FluBot access to their phone and data. Now installed, it will access all the personal information it can collect – passwords, banking information, credit card details and it can even steal contact details from the phone to broadcast to other phones.
Although they primarily target Android devices, iOS users are not exempt from receiving malicious FluBot SMS. The good thing: iOS apps can normally only be downloaded through Apple’s official App Store, making it much harder for malware to land on iPhones and iPads. On the other hand, you need to be more careful because the app will install on phones that have sideloaded on, which means their owners allow installation from apps outside of the Google Play store.
How does FluBot work exactly?
The successful spread of this malware can be attributed to its distribution and timing, a direct result of the impact of the COVID-19 pandemic on people’s digital lives.
- The first step for cybercriminals is to text thousands of mobile devices. This could be a text message informing you that you have received a voicemail message, detailing a specific time and date for the missed call, and asking you to “click on the link” to go to the recording. The other common trick is to trick you into clicking a link so you can apparently see the location of your package. Due to COVID-19, more and more people are using online stores to purchase their products, so it seems very plausible to receive a parcel tracking link.
- Links and SMS are disguised to appear as if they are from a familiar and trusted company. However, once clicked, they redirect the victim to a web page. The web page is designed to appear legitimate in order to encourage the victim to believe that they have been taken to the company’s official website. A pop-up prompt will appear and ask the victim to download and install an app. This is a malicious application and can be very dangerous for your personal data. The disguised app will most likely ask for accessibility permissions, in order to grant itself even more permissions.
- At this point, the malicious application is now active, armed, and running in the background of the victim’s smartphone.
It will now start to do the following:
- Spread further by accessing the phone’s contact list
- Gather all the sensitive information he can get
FluBot has yet another goal: to monitor the applications opened by the victim. If it recognizes a target application, the malware takes action by offering overlays that look like the real thing, but these are designed to collect data from the victim. The final step is to send all the collected user information back to the cybercriminals.
What can you do to protect yourself against FluBot?
It pays to maintain good mobile hygiene – keep your devices up to date with the latest operating system, use strong passwords combined with multi-factor authentication, and of course, use full security to keep your devices and your devices safe. data. This is where Norton Mobile Security can help, as it alerts and helps defend against FluBot.
- If you are on an Android device,
disable “Install unknown applications“A lot of malicious apps end up on your phone outside of the official Google Play store, but from unknown sources. While it can be tempting to install the occasional app that you can’t find in the official app store, if you’re willing to take the risk and trust the source, be sure to turn off at new functionality afterwards, to reduce any ongoing security risk.
- Never open links that look suspiciousCheck that the mail is actually coming from the sender it claims to be. If he promises things that seem too good to be true, they probably are.
- Don’t give broad permissions to apps, only let them access what they need to function. Avoid apps that request more data than necessary. As can be seen in the FluBotcase, extended permissions can allow malware to perform its unwanted tasks and spread further.
- Get protection for your mobile device with Norton Mobile Security.
Norton Mobile Security supports you
Norton Mobile Security includes SMS Security designed to protect your device from suspicious texts containing phishing links. This feature actively helps identify SMS text messages with unsafe links and moves them to your spam or unknown sender folder, to prevent you from inadvertently clicking on them and potentially putting your personal information at risk.
© Scoop Media