FluBot season arrives in Australia – Security | #android | #security


FluBot, an Android malware that tries to steal users’ banking credentials, is targeting Australian users currently through bogus SMS texts with malicious links purporting to be voicemail notifications.

Melbourne comedian Em Rusciano was warned by Telstra on Twitter that she had been sent FluBot messages, which the telco said were hard to block as they arrive from legitimate handsets.

If users click on the booby-trapped links in the messages, they are asked by the attackers to install FluBot.

The FluBot installation will only work if users permit app installations outside of the official Google Play Store.

Security researchers observed last week that a new version of the malware had Australia added to its list of target countries.

Internet metrics company Netcraft reported last week that a number of Australian banks are being targeted by Flubot.

Apart from banking credentials stealing, FluBot can also capture credit card details, exfiltrate user contacts, and install spyware.

It will also disable the Google Play Protect anti-malware app.

Telstra advised users that most Android anti-malware utilities can clean out the FluBot infection.

Security vendor ESET said FluBot can be manually uninstalled by users, and have made a how-to video for the process.

Prior to Australia, FluBot has been active in European countries such as the Netherlands, Switzerland and Finland since May this year.

In Europe, FluBot has used a different deception, purporting to be SMS messages from a courier company.





Original Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

forty eight − = 45