Android users in Europe have fallen victims to the Android malware called the FluBot. The success these cybercriminal have had raises speculation that this malware won't just cause mayhem in Europe, and it could very well target other countries--including the United States. It is important to stay vigilant as malwares like the FluBot can do more damage outside your phone than inside.
Cybercriminals have been very creative over the years, so keep up to date on how you can protect yourself from malwares like the FluBot.
Android FluBot Malware
Once an attacker targets a victim, their entire android device is now vulnerable to the scammer. Personal information such as credit card numbers and other credentials to online banking accounts will be accessible to the cybercriminals.
To avoid being detected or removed, the attacker implements mechanisms halting the built-in protection offered by Android's OS and even stop many third-party security software from being installed, a common measure users would take to remove malicious software, as stated by WeLiveSecurity.
The attacker sends and SMS messages claiming to be a courier service or delivery logistics company. They use notable brands like DHL, FedEX, the Royal Mail (in the U.K.), and Amazon. The message prompts the victim to install an app. The app looks very much similar to the brand it is impersonating.
Once the victim installs the app and grants it the various permissions it requests, the malware now can access and unleash various functionality. Your phone is now compromised and the attacker now has access to sensitive information, PC Risk noted.
This can range from SMS spamming, making fraudulent transactions, having your bank credentials stolen, to identitying theft and rolling out spyware. Having access to the victim's contact list also allows them to have a new set of potential victims.
Again, built-in security by your Android phones will be disabled by the FluBot, as well as other third-party security solutions you installed after the downloading of the malware.
How to Prevent Android FluBot
It is always better to prevent the attack. If the message seems unlikely, don't click on it. Even if you are expecting a package, it is best not to click on any links sent to you via SMS, go directly to the website and check the status of your order there.
Delete the message as well. This will ensure you do not click it by accident in the future, MalwareBytesLab suggested. PC Risk also noted that the malware can also come in the form of e-mails and instant messages, so keep an eye out for those as well.
Take extra care in downloading your apps from legitimate developers. Be wary of third-party links or tools. These can compromise your mobile phones and make you more vulnerable to hacking.
If you find yourself opening the link but stopping before you could download the app, you are generally safe. It is still in your best interest to run your phone through a legitimate anti-malware app to scan and make sure it is clean.
How to Remove FluBot Android?
If you have found yourself victim to the malware, the National Cyber Security Centre (NCSC) of the United Kingdom instructs you not to enter any of your passwords or log in to any accounts after downloading the malicious application. It is to avoid any more harvesting of sensitive information.
To clean your device, the NCSC stated you should perform a factory reset as soon as possible. Please note that unless you have backups of your files in your phone, you will lose data.
Once you have reset your device, it may ask you if you would like to restore from a backup. Do not restore any backups created after you downloaded the app, or else you run the risk of infecting your phone once again.
Perform a thorough security check of all your bank accounts, social media accounts, and other accounts you may have logged in or stored in your phone. Change your passwords especially if you use the same password for more than one account.
Check your bank accounts as well for any fraudulent transactions that have been made and file a report immediately.
Always be wary of unknown links and regularly update your phone to keep up with new security features. Update your passwords regularly as well to avoid compromises in your accounts. The extra level of caution can afford you security that can very well be what prevents devastating malware from getting