Hackers do not rest and are always looking for new methods to harvest victims. A clear example of this is the reinvention of the dangerous FluBot malware, which now uses a unique method to infect Android mobile devices with the aim of steal bank information.
According to security researchers at Cert NZ, the malware now arrives via text messages. Delivering a package or downloading a few photos are the new lures used. In both cases there is a link attached.
When the user enters the link, he is redirected to a fake page. This invites you to download an application to track the package or a false one appears warning that the device has been infected by FluBot. In the second case, it recommends downloading a software to remove the malware.
The truth is that until that moment the user has not yet been infected, and it is a strategy to deceive him and force him to install a malicious application that will infect his terminal. If you fall into the trap and decide to install the recommended application, you will be prompted to enable installation of unknown apps.
If the installation of the malicious application continues, Android may show a warning. This will say that you are trying to install an app from an unidentified developer. If the user chooses to ignore the warning, the installation will continue and the malicious app will ask for access to a variety of permissions.
FluBot malware takes control of your phone
Once these permissions are granted, the FluBot malware will be able to access the call log, read and send SMS, access the phone book, run in the background and disable battery optimization to avoid being shut down. Additionally, you can overlay other applications, enter commands, and read screen content.
With all that ability to control the phone, the FluBot malware will be able to steal sensitive personal information. By recording the screen you can, for example, capture the data entered in a banking application.
As pointed out Cert NZ, it is very likely that the initial SMS came from a known contact. Well, when malware takes control of the smartphone, it acquires the ability to forward itself. IPhone users, although they can receive the message, cannot be infected as the malicious application is intended for Android.