FluBot SMS Malware Could Spread From Europe To The US Like A Digital Plague
If you catch the flu, you may be stuck at home or even bedridden for a few days until you get better. If you catch the FluBot malware, you could be at risk of losing sensitive information, such as banking details and personal information. While this malware campaign has not made it across the pond from Europe yet, it could make its way over while wreaking havoc along the way.
In late 2020, an Android-based malware was discovered trying to spread itself and capture credit card data. Regardless of the version, the basis for the malware was phishing people with fake links to track packages using reputable names like FedEx and DHL. Once a user clicked a link, it would direct them to download a legitimate-looking APK file with FluBot within. Once a user gave the app permissions, it would act as “spyware, SMS spammer, and credit card and banking credential stealers all in one,” according to cybersecurity company Proofpoint.
This malware campaign seemed to begin in Spain, but it quickly spread outward and became more complex. Recent security research from Proofpoint shows that the FluBot campaigns have been detected in the United Kingdom, Germany, Hungary, Italy, Poland, and country of origin, Spain. The company also believes that the malware will likely “continue to spread at a fairly rapid rate, moving methodically from country to country via a conscious effort by the threat actors.”
Since the malware spreads by using contact lists, there have been limited cases of the malware inside the U.S. However, the threat actors could specifically target the U.S. and quickly gain a solid foothold. At the end of the day, everyone needs to be wary of unexpected SMS messages, not install applications outside of legitimate app stores, and keep an eye on what permissions an app asks for. Effectively, SMS messages are replacing email as the preferred method of spreading malware, and people should treat them the same.