New Android Malware Called FluBot Is Stealing Passwords

There’s a new malware threat you need to be aware of, and it recently made its way onto the UK’s National Cyber Security Centre’s radar.

Called FluBot, it is designed to steal information including passwords and banking particulars. There are a couple of interesting aspects about this threat that are noteworthy.

First, it is currently being spread exclusively via text message. A potential victim will get a text claiming to be from a shipper. The text will include a link that the user can tap in order to install a package tracking app. Of course, there is no package and thus, no package tracking app, so if the user taps this link, it will actually install the FluBot malware.

Worse, the code contains a module that gives FluBot worm-like capabilities. That allows it to access the victim’s contact list and send poisoned texts to each person on that contact list, allowing it to spread like wildfire.

For the moment, the aptly named FluBot is circulating primarily in Europe. However, given the peculiar nature of its spread mechanism, it could easily jump to the United States with a vengeance, or any other part of the world.

Unfortunately, there’s no good defense against FluBot at present, aside from education and awareness. Make sure your employees are aware of the threat and are careful not to click on any links promising to track packages, even if they’re expecting a delivery. It is far better to simply open a new browser window, type in the URL of the shipper you’re expecting a package from, and track the package that way. That is, rather than risking an infection that could put a wide range of sensitive data at risk, and cause problems for everyone on your contact list.

Stay vigilant. This won’t be the last threat to emerge in 2021.