Attention, Android users! A banking virus capable of stealing data information and is spreading rapidly across Europe, with the US likely to be the next target. It is highly risky in case you get in contact with it, then you must get it off soon!
As per the new analysis by Proofpoint, the threat factors behind FluBot or Cabassous have branched out beyond Spain to target the UK, Hungary, Germany, Italy, and Poland.
It has also been observed to make use of more than 700 unique domains, infecting about 7,000 devices all across the UK. Additionally, German and English-language SMS messages were found being sent to US users from Europe, it was suspected by Proofpoint could be the result of computer virus propagating through contact lists stored on compromised mobile phones. A concerted campaign was aimed at the United States, but it is yet to be detected.
FluBot is growing its branches in the banking trojan landscape, it began its operations late in 2020. It leads campaigns while leveraging malware infecting more than 60,000 users in Spain, as per the report by Proactive Defence Against Future Threats (PRODAFT) last month.
Till now it’s said to have amassed more than 11 million phone numbers which represent 35% of the total population in Spain.
Initially, it was distributed through SMS phishing (aka smishing), the messages masquerade as a delivery service such as FedEx, DHL, and Correos, which used to notify users of their package or shipment delivery status along with the link to track the order, which when clicked or downloaded can embed within and steal your data.
It is a new malware operating on Android devices that uses overlay attacks to perform webview-based application phishing and accessing the data. It mainly targets mobile phones and gathers banking passwords and related information.
After installation, the FluBot not only tracks the applications launched on the device but also overlays login pages of financial applications with malicious viruses from an attacker-controlled system or server. So, beware of this hijacking malware, and keep up with the right ways and sources.
The latest news is that the Spanish authorities arrested 4 criminals suspected to be behind this malicious campaign, and simultaneously increasing the reach to Japan, Norway, Sweden. Finland, Denmark, and the Netherlands.
This highly risky virus led Germany’s Federal Office for Information Security (BSI) and the UK’s National Cyber Security Centre (NCSC) to release alerts and warnings all over the place, and let people be cautious.