Can we, like a collective technological community, Totally agree this malicious scams and hacks aare you bad and we shouldn’t do them anymore? No? Alright, back to reality, where your Android phone is attacked by another malware scam, and using yet another infamous tactics to do it. Here’s what you need to know about FluBot and how to protect your data.
A brief history of FluBot
FluBot isn’t a new threat, but it’s definitely experiencing a resurgence. Malware first looked up in early 2021, originally from Spain and crossing the UK and the rest of Europe. It infects victims smartphones starting with an SMS posing as an official alert from a delivery company informing the victim of an arriving package and encouraging them to tap a URL to follow it.
Doing so bring a page asking the user to download a tracking application for the package. The tracking application – surprise, surprise – turned out to be malware, injecting the smartphone with malicious malware that spied on the activity of the user’s smartphone. The goal, of course, was to steal financial credentials in order to hackers could steal your bank accounts. How thoughtful.
FluBot has new assets in its bag
The Pirates like those behind FluBot thrive on ignorance of their plans and scams. As such, they’ve probably seen diminishing returns as affected areas of the world have been made aware of the malware; Government agencies in countries targeted by the FluBot have warned citizens against Flubot, exposing the type of post that would attempt to trick users into downloading the issue in the first place.
So what should FluBot hackers do? They must evolve. Just like the Creation team drew the brand’s attention to the nature of the dream, hackers are catching the eye of FluBot all over the world. Now wwhen you tap the link in their malicious text messages, they or they issue a pop-up window notifying people that their phones are infected with FluBot. According to FluBot, the only way to remove FluBot is to download an “Android security update”. (The “Android security update” is, unsurprisingly, infected with FluBot.)
You may also see this pop-up as a warning that you have a special voicemail message. that that you can only listen to via a particular application (not one of their most compelling ideas, in my opinion). These diets are spreading around the worldlarge; CERT NZ, the New Zealand IT Emergency Response Team, recently publish an excellent blog post on the subject for its citizens, but this applies to anyone who might encounter the FluBot scam.
How to prevent FluBot from infecting your smartphone
First of all, and of course, don’t click on those links. Not click on weird links in general, such as those that ask you to track a package that you have not ordered. These are just the best cybersecurity practices; always check the legitimacy of a link before opening it, whether on a smartphone, tablet or computer. Note that oonly Android phones are affected by FluBot; IPhones can receive the message and open the pop-up window, but the app cannot be installed on iOS.
You can also make sure that your Android apps are not able to install any unknown applications without your permission. This will prevent apps like FluBot from sneaking onto your device. For Android 8 or later, go to Settings> Applications> Special access> Install unknown applications, then make sure that “Prohibited“is defined for your applications. If an application says”Authorized”, Replace it with“Prohibited. “For Android 7 or earlier, go to Settings> Security (Where Lock screen and security) and ensure that “Unknown sources“is disabled.
If you have patted the link in the text message, but no downloaddead all applications, the good news is that there doesn’t seem to be any risk at this time. From what we understand, FluBot is only effective when you download the application linked to the link in the pop-up window; the link in the SMS just takes you to the pop-up window, so that this process alone should not infect your phone with malware. However, CERT NZ recommends that you change your passwords if you have tapped on this SMS link, just for security.
Well, let’s say you made select the link in the pop-up window and you have downloaded the FluBot app hidden inside. Do not panic. Reset your phone to factory settings to completely remove all traces of FluBot from your device, or restore from backup of before downloading the FluBot app. Then change all the passwords for your connected accounts. You’ll also want to contact your bank to make sure there hasn’t been any suspicious activity on your account. And then never click or tap on any unexpected links again.