Security News > 2021 > April > Attention! FluBot Android Banking Malware Spreads Quickly Across Europe
Attention, Android users! A banking malware capable of stealing sensitive information is "Spreading rapidly" across Europe, with the U.S. likely to be the next target.
FluBot, a nascent entry in the banking trojan landscape, began its operations late last year, with campaigns leveraging the malware infecting more than 60,000 users in Spain, according to an analysis published by Proactive Defence Against Future Threats in March 2021.
"FluBot is a new Android banking malware that uses overlay attacks to perform webview-based application phishing," the researchers noted.
"The malware mainly targets mobile banking and cryptocurrency applications but also gathers a wide range of user data from all installed applications on a given device."
Upon installation, FluBot not only tracks the applications launched on the device but also overlays login pages of financial apps with specially-crafted malicious variants from an attacker-controlled server, designed with the goal of hijacking credentials, in addition to retrieving contact lists, messages, calls, and notifications by abusing the Android Accessibility Service.
The spurt in FluBot activity has prompted Germany's Federal Office for Information Security and the U.K.'s National Cyber Security Centre to issue alerts warning of ongoing attacks via fraudulent SMS messages that trick users into installing "Spyware that steals passwords and other sensitive data."
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/EPhL03PVSqI/attention-flubot-android-banking.html
Related news
- Hackers steal banking creds from iOS, Android users via PWA apps (source)
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)