Security News > 2021 > October > Flubot Android malware now spreads via fake security updates

Flubot Android malware now spreads via fake security updates
2021-10-01 13:19

The Flubot malware has switched to a new and likely more effective lure to compromise Android devices, now trying to trick its victims into infecting themselves with the help of fake security updates warning them of Flubot infections.

"Your device is infected with the FluBot® malware. Android has detected that your device has been infected," the new Flubot installation page says.

"FluBot is an Android spyware that aims to steal financial login and password data from your device. You must install an Android security update to remove FluBot."

Until now, Flubot spread to other Android phones by spamming text messages to contacts stolen from already infected devices and instructing the targets to install malware-ridden apps in the form of APKs delivered via attacker-controlled servers.

Flubot will effectively take over the infected device, gaining access to the victims' payment and banking info in the process via downloaded webview phishing page overlayed on top of legitimate mobile banking and cryptocurrency apps' interfaces.

Since Swiss security outfit PRODAFT said in March that the botnet was controlling roughly 60,000 devices that collected the phone numbers of 25% of all Spanish citizens, the malware will likely spread even quicker now that it uses what looks like even more effective lure.


News URL

https://www.bleepingcomputer.com/news/security/flubot-android-malware-now-spreads-via-fake-security-updates/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Android 4 0 17 2 0 19