Dangerous FluBot malware offers users a security update to fight against itself

Experts from CERT NZ have discovered that the dangerous malware FluBot has begun using a new decoy to compromise Android devices. Attackers are trying to force users to infect their devices by showing them warnings about the need to urgently install some kind of security update, since the user’s device is allegedly already compromisedby the Flubot malware.

Your device is infected with FluBot® phần mềm độc hại. Android has detected that your device is infected. FluBot is an Android spyware designed to steal financial data and passwords from your device. You must install a security update for Android to remove FluBot.the message from the attackers says.

Potential victims are also asked to allow the installation of applications from untrusted sources if they see a warning that malware may be installed on their device.

If you clicked the link but took no further action, you should not be affected. Tuy nhiên, CERT NZ strongly recommends that you change all your online account passwords and contact your bank as a precaution. If you entered any personal information into a form, especially credit card details, then we recommend you contact your bank and check for any unusual activity.CERT NZ experts recommend.

Attackers lure users to such fraudulent pages via SMS. Thường xuyên, such messages are disguised as missed parcel deliveries or photos allegedly stolen from the victim, which have already been uploaded to the network.

Let me remind you that FluBot usually spread to other Android phones by sending text messages to contacts previously stolen from other infected devices. Users are told to install malicious applications in the form of APK files delivered from servers controlled by attackers.

Once deployed, the malware tries to trick the victim into granting additional rights on the device via the Android Accessibility service, which will allow it to hide and execute malicious tasks in the background. Ultimately, FluBot will take over the infected device, gaining access to payment and banking information.

The malware also steals and forwards the victim’s address book to its control server (and contacts are transmitted to other FluBot spam bots), monitors system notifications about application activity, reads SMS messages, and can make phone calls.

Let me remind you that we talked about the fact that The new version of the Jupyter malware is distributed through the MSI installer.

Helga Smith

Tôi luôn quan tâm đến khoa học máy tính, đặc biệt là bảo mật dữ liệu và chủ đề, được gọi là ngày nay "khoa học dữ liệu", kể từ khi tôi còn ở tuổi thiếu niên. Trước khi vào nhóm Diệt Virus với vai trò Tổng biên tập, Tôi đã làm việc với tư cách là chuyên gia an ninh mạng tại một số công ty, bao gồm một trong những nhà thầu của Amazon. Một trải nghiệm khác: Tôi đã nhận được đang giảng dạy tại các trường đại học Arden và Reading.

Gửi phản hồi

Website này sử dụng Akismet để hạn chế spam. Tìm hiểu bình luận của bạn được duyệt như thế nào.

Nút quay lại đầu trang