Android: A new Android malware is used by companies such as Amazon to steal passwords from careless users. The virus, called FluBot, “spreads like a flu,” experts say, using text messaging to reach more victims.
As with many phishing attacks, malicious software uses social engineering to enter a user’s smartphone. Hackers fire text messages on behalf of companies like Amazon eDHL, accompanied by a link to download an app to track deliveries.
The address leads to an APK installer outside of the Play Store with a fake app. When the user installs the app, the virus scans the phone to collect credentials such as logins, passwords and banking information.
Spreads like flu
FluBot also calls attention to “spreading like flu,” as Slashgear defines it. In addition to collecting sensitive user information, the virus uses the smartphone’s calendar application to reach more victims.
The virus collects the phone numbers stored on the mobile phone and sends the same text message pretending to be a delivery company and linking to the malicious app. The method of spreading the malware is so effective that the UK government’s cybersecurity department has even launched a warning for Android smartphone users.
For those who have one Android phone and malicious links via SMS, the tip is to avoid clicking on suspicious addresses and to avoid downloading installers from untrusted sources. Since Apple is very restrictive with iOS and does not allow the use of apps outside of the App Store, iPhone users are protected from “virtual flu”.