The Android malware Flubot is back and spreads itself via fake security updates. Such behavior had been observed months ago, but then it was quiet about the Trojan that made a name for itself with fake DHL notifications.
This is reported by Bleeping Computer. News about malicious Android malware is piling up again. After the malware called GriftHorse, we reported earlier, which spread rapidly and can be detected on more than ten million devices, the second “major attack” on Android users is now known.
Flubot Android malware is now warning of itself
The Flubot malware has now taken a seemingly more effective route to compromise Android devices on a massive scale. She is now trying to trick her victims into infecting themselves with fake security updates that warn them of Flubot infections. This trick isn’t new, but it has been fairly well contained in the past by Android security mechanisms. Now the New Zealand Computer Emergency Response Team (Cert NZ) is warning of the newly surfaced Flubot installation page. This acts as bait to give users a sense of urgency and to encourage potential victims to install malicious applications themselves.
For example, it says: “Your device is infected with the FluBot® malware program. Android has determined that your device is infected. FluBot is Android spy software that aims to steal financial login and password data from your device. You need to install an Android security update to remove FluBot. ” So far the background information is correct – Flubot is designed to primarily spy on banking data. The fact that the fraudsters use it to “advertise” their victims is a trick that has often been used by other malware gangs.
Potential victims are also instructed to activate the installation of unknown apps, as security messages often come from Android when trying to download the malware. “If you see this page, it does not mean that you are infected with Flubot. However, if you follow the wrong instructions on this page, your device will be infected,” said CERT NZ.
Ignore false update notification via SMS
Similar to the Flubot-DHL trick, the messages about the fake security updates spread via SMS or messenger messages. Anyone who receives such a security warning should simply ignore it, under no circumstances click on any links sent, and delete the messages.
Manager at Research Snipers, RS-NEWS, Digital marketing enthusiast and industry professional in Digital technologies, Technology News, Mobile phones, software, gadgets with vast experience in the tech industry, I have a keen interest in technology, News breaking.