KEY POINTS

  • Flubot is a malware that invades Android devices via text message
  • The text message asks the Android user to install an app that happens to be spyware
  • ​Android and Apple users must exercise caution when receiving SMS

A malware that can steal a user’s password recently intruded on Android devices. Reports say that although the attack currently threatens Android devices, Apple iPhones could be at risk too.

The National Security Cyber Crime (NCSC) issued a warning to the public on the presence of malware that is capable of stealing Android users’ passwords. According to a website security guidance post published on April 23, the malware, dubbed FluBot, is rapidly spreading and can steal a victim’s bank details and other important information.

FluBot disguises as a text message sent from a delivery company claiming that the victim may have missed package delivery. The SMS asks the victim to click on the included link to track the package, ZDnet reported.

The link directs to a website asking the Android user to download and install an Android Package (APK) in order to track the delivery. Since the Android system automatically blocks malicious APKs, FluBot provides the victim with a step-by-step prompt on how to bypass the Android security.

Once installed, the tracking application, which is actually spyware, will receive the necessary permission to access protected accounts, begin to steal the user’s password and other sensitive information, and break into the contact details.

The attack does not stop there, as FluBot uses the Android user’s contact information to send out similar text messages to the ones that the user received. This means all contacts are vulnerable to the same spyware invasion.

FluBot launches the attack by hiding behind known delivery services and stores names such as DHL, Asda, Amazon and Argos.

Flubot currently affects Android devices from Google, Huawei and Samsung. Although there are no reported iPhones infected yet, Apple users are still prone to receive spam text messages that will lead them to a malicious website.

The NCSC reminded Android holders to be cautious when receiving text messages from delivery services, should they have an expected delivery or not. The U.K. agency urges users to immediately forward the SMS to 7726, a free spam-reporting service from operators.

In case a user already downloaded and installed the app, they should not sign in to any account. Perform a factory reset and immediately change the passwords of all the accounts signed in to the device when the spam messages came.

Malware
A growing number of ready-made exploit kits known as EKs are using deceptive fileless attacks creating bigger challenges to defenders and compromising victims. Christoph Scholz/Flickr
RELATED STORIES
Malware Android Iphone