FluBot SMS Malware Could Spread From Europe To The US Like A Digital Plague
In late 2020, an Android-based malware was discovered trying to spread itself and capture credit card data. Regardless of the version, the basis for the malware was phishing people with fake links to track packages using reputable names like FedEx and DHL. Once a user clicked a link, it would direct them to download a legitimate-looking APK file with FluBot within. Once a user gave the app permissions, it would act as “spyware, SMS spammer, and credit card and banking credential stealers all in one,” according to cybersecurity company Proofpoint.
Since the malware spreads by using contact lists, there have been limited cases of the malware inside the U.S. However, the threat actors could specifically target the U.S. and quickly gain a solid foothold. At the end of the day, everyone needs to be wary of unexpected SMS messages, not install applications outside of legitimate app stores, and keep an eye on what permissions an app asks for. Effectively, SMS messages are replacing email as the preferred method of spreading malware, and people should treat them the same.