Beware of a fake Flash Player application on the Play Store

New campaigns distribute malware in the form of Flash Player.

Simply put, FluBot malware continues to spread and evolve.

What is Flubot?

Flubot is a form of Android malware that steals online banking credentials, takes screenshots, sends and intercepts text messages, and recovers one-time passwords.

To introduce a smartphone, the malware deceives users with an SMS phishing technique (smishing).

In order to go unnoticed, he claims that their smartphone is already infected by himself (Flubot) and that they absolutely have to download a security update to protect their data.

Evolving malware

According to a MalwareHunterTeam notice to BleepingComputer, new FluBot campaigns are delivered using text messages asking the recipient to download a video from their device.

The message contains a link that redirects the user to a fake Flash Player update.

It is therefore difficult not to click on the link, which presents this update as essential for downloading videos in the form of an APK (Android Package).

CSIRT KNF shared a sample SMS from this campaign on Twitter.

Chain hacking

The software doesn't stop with a device infection and bank data theft.

Indeed, like a chain of infection, it uses infected smartphones to spread.

Indeed, this malware offers the cybercriminal the possibility of contacting their future victims from the hacked smartphone, without the user's authorization.

Concretely, the software uses the victim's device to send new smishing messages to all his contacts.

The new version of this malware even allows it to send even longer text messages.

A way for hackers to deceive recipients even more easily.

How to react ?

Once a victim of Flubot, it is imperative to inform your contacts of the infection, to contact your bank to report malicious activity and to restore your smartphone to factory settings.

Note that, as long as the user does not click on the link, the infection will not be triggered.

Finally, a few tips.

Firstly, never download any Android app from an untrusted source.

Likewise, it is essential to download Adobe applications only from trusted sites.

Note all the same that FluBot cannot infect Apple devices and is limited to Android smartphones… And that the Flash Player plug-in no longer exists since January 2021.

High-Tech

Android: Vulnerabilities allow spying on many smartphones, update required

High-Tech

Flash: Shutdown in December, Adobe Reader is preparing to disappear this summer

• Cybercriminality

• Cybersecurity

• High-Tech

• Smartphone

• Application

• Mobile app

• Android

• 0 comment

• 0 share

  • Share on Messenger

  • Share on Facebook

  • Share on twitter

  • Share on Flipboard

  • Share on Pinterest

  • Share on Linkedin

  • Send by Mail

• To safeguard

• A fault ?

• To print