Security News > 2021 > April > Attention! FluBot Android Banking Malware Spreads Quickly Across Europe

Attention, Android users! A banking malware capable of stealing sensitive information is "Spreading rapidly" across Europe, with the U.S. likely to be the next target.

FluBot, a nascent entry in the banking trojan landscape, began its operations late last year, with campaigns leveraging the malware infecting more than 60,000 users in Spain, according to an analysis published by Proactive Defence Against Future Threats in March 2021.

"FluBot is a new Android banking malware that uses overlay attacks to perform webview-based application phishing," the researchers noted.

"The malware mainly targets mobile banking and cryptocurrency applications but also gathers a wide range of user data from all installed applications on a given device."

Upon installation, FluBot not only tracks the applications launched on the device but also overlays login pages of financial apps with specially-crafted malicious variants from an attacker-controlled server, designed with the goal of hijacking credentials, in addition to retrieving contact lists, messages, calls, and notifications by abusing the Android Accessibility Service.

The spurt in FluBot activity has prompted Germany's Federal Office for Information Security and the U.K.'s National Cyber Security Centre to issue alerts warning of ongoing attacks via fraudulent SMS messages that trick users into installing "Spyware that steals passwords and other sensitive data."

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/EPhL03PVSqI/attention-flubot-android-banking.html