The dangerous FluBot malware targeting Android users has surfaced in a fake Track & Trace app in the corporate identity of courier service DHL. This malware attempts to download malicious copies of internet banking apps, can make calls and send text messages on behalf of your device, and attackers can even watch your screen in real time. Reason enough to stay away from this malicious malware. What do you want to know?
Earlier this month, the first signals arrived that this Android malware has also surfaced in the Netherlands. The German and British government departments have already warned against this malware, and this is not unjustified: it is quite advanced malware that can have major (financial) consequences for the affected user.
Scammed ?! so wrote a detailed feature article which further explains the nature of this malware. This article explains how this malware spreads, how you recognize it, what it is capable of, and how you can get rid of it. If you missed this article, you would do well to read it quietly. The warning was not unfounded: Telecom provider KPN also had customers last week warned of this harmful malware.
Police have also been notified. Following the first reports of victims received, they see sufficient reason to warn the Dutch, as shown in the tweet below.
FluBot malware appears in fake Track & Trace application “ DHL ”
When you are the victim of a scam ?! issued the first warning for this malware, the only known example was a similar fake application in the corporate identity of the courier company UPS. We predicted at the time that it was not inconceivable that the same malware would be offered in counterfeit apps from other major carriers, and it now appears to be the case.
Below is an example of an SMS in which this malware is offered and an example of the corresponding “ DHL ” application installation window which actually contains malware.
The second step of the instructions tells you to allow your phone to install unknown apps. This is of course not without reason: these apps would never pass the inspection of the Google Play Store.
Now, there may be legitimate reasons to install something outside of the Play Store, but it actually means you need to know exactly what you are doing. We advise against those with little or no knowledge of cybersecurity to install unfamiliar applications by means of detours: it is in fact not necessary for ordinary use in the home, garden and kitchen. and you run a considerable risk.
In this case, this kite is absolutely true. Here is a brief summary of what this malware is capable of:
- The attacker can real-time visualization on your phone screen;
- The attacker tries install malicious copies of internet banking applications;
- Attacker can act on behalf of your device send text messages to further spread the malware;
- The attacker can act on your behalf Click on at perform actions;
- The attacker can create a install keylogger;
- The attacker can get your copy contacts;
- The attacker can open applications;
- The attacker can change text entry
Clear Case: This is something you don’t want to get on your device in any way. Always be very careful when receiving text messages about sent packages – this has been a popular scam trick among hackers and scammers for months.