• Thu. Dec 1st, 2022

International Police arrest ‘FluBot’ cell phone scam – The New Indian Express

ByCindy J. Daddario

Jun 1, 2022

By AFP

THE HAGUE, NETHERLANDS: Police in 11 countries have busted a mobile phone scam dubbed FluBot that has spread around the world via fake text messages, Dutch and European police said on Wednesday.

Dutch cybercops carried out an operation in May targeting the malware, which infects Android phones using texts claiming to be from a parcel company or indicating that someone has a voicemail waiting.

Hackers then stole bank details from infected phones, which automatically sent messages to other mobiles in the user’s contact list, spreading the scam like a flu virus.

“To date, we have disconnected ten thousand victims from the FluBot network and prevented more than 6.5 million spam messages,” Dutch police said in a statement.

European police agency Europol said FluBot was among “the fastest mobile malware to date” and was “capable of spreading like wildfire due to its ability to access a smartphone’s contacts. infected”.

Police have rendered the malware “inactive” but are still prosecuting the culprits, he said.

“This FluBot infrastructure is now under the control of law enforcement, ending the downward spiral,” Europol said.

The countries involved in carrying out the survey were Australia, United States, Belgium, Finland, Hungary, Ireland, Romania, Spain, Sweden, Switzerland and the Netherlands , coordinated by Europol’s Cybercrime Centre.

FluBot has become one of the world’s most notorious cyber scams after it first surfaced in December 2020, “sowing havoc” around the world, Europol said.

READ ALSO | Big companies are trying to grab a piece of the “gig” pie

The agency said the bug compromised a “large number of devices worldwide”, particularly in Europe and the United States, with “major incidents” in Spain and Finland.

Australian media said last year that FluBot was spreading “like a tsunami”, with some users being bombarded with text messages.

‘Very dangerous’

Details of how police ended the scam remain unclear, with officials saying they don’t want criminals to know how they busted it.

Dutch police said a cybercrime team in the eastern Netherlands neutralized FluBot by “intervening and disrupting the criminal process”, without giving further details.

Europol said the withdrawal did not involve the removal of physical infrastructure such as servers, but also declined to say more.

“Dutch police have found another way to disrupt criminal activity,” a Europol spokeswoman said. AFP.

But FluBot’s method was simple, according to Europol and Dutch police.

It would arrive “mostly via a fake text message from a well-known parcel delivery service” or saying the user had a voicemail to listen to.

They would then be asked to click a link to download a Parcel Service app to track a package or listen to voicemail.

But in fact, FluBot would install the malware on their phones. The fake app would then request permission to access various other apps.

Hackers could then see their victims enter passwords for banking, credit card or cryptocurrency apps and steal them, Europol said.

What made him “very dangerous” was his ability to access a phone‘s contact list and then send fake text messages to other phones.

“Victims often don’t know they’ve installed the malware. The spread of malware also happens without the knowledge of a mobile phone user,” Dutch police said.

The scam only targeted phones running Google’s Android operating system. Apple’s iOS system was not affected.