Security News > 2021 > October > Flubot Android malware now spreads via fake security updates
The Flubot malware has switched to a new and likely more effective lure to compromise Android devices, now trying to trick its victims into infecting themselves with the help of fake security updates warning them of Flubot infections.
"Your device is infected with the FluBot® malware. Android has detected that your device has been infected," the new Flubot installation page says.
"FluBot is an Android spyware that aims to steal financial login and password data from your device. You must install an Android security update to remove FluBot."
Until now, Flubot spread to other Android phones by spamming text messages to contacts stolen from already infected devices and instructing the targets to install malware-ridden apps in the form of APKs delivered via attacker-controlled servers.
Flubot will effectively take over the infected device, gaining access to the victims' payment and banking info in the process via downloaded webview phishing page overlayed on top of legitimate mobile banking and cryptocurrency apps' interfaces.
Since Swiss security outfit PRODAFT said in March that the botnet was controlling roughly 60,000 devices that collected the phone numbers of 25% of all Spanish citizens, the malware will likely spread even quicker now that it uses what looks like even more effective lure.
News URL
Related news
- TrickMo malware steals Android PINs using fake lock screen (source)
- Android 15 unveils new security features to protect sensitive data (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- Cyber crooks push Android malware via letter (source)