Watch out - that Android security update may be malware

The creators of FluBot have launched a new campaign that uses fake Android security update warnings to trick potential victims into instal...

The creators of FluBot have launched a new campaign that uses fake Android security update warnings to trick potential victims into installing the malware on their devices.

In a new blog post, New Zealand's computer emergency response team Cert NZ has warned users that the message on the malware's new installation page is actually a lure designed to instill a sense of urgency that tricks users into installing FluBot on their own devices.

The new FluBot installation page, that users are led to after receiving fake messages about pending or missed package deliveries or even stolen photos uploaded online, informs them that their devices are infected with FluBot which is a form of Android spyware used to steal financial login and password data from their devices. However, by installing a new security update, they can remove FluBot from their Android smartphone.

The page also goes a step further by instructing users to enable the installation of apps from unknown sources on their device. By doing so, the cybercriminals' fake security update can be installed on their device and while a user may think they've taken action to protect against FluBot, they've actually installed the malware on their smartphone themselves.

Changing tactics

Until recently, FluBot was spread to Android smartphones through spam text messages using contacts stolen from devices that were already infected with the malware. These messages would instruct potential victims to install apps on their devices in the form of APKs that were delivered by attacker-controlled servers.

Once FluBot has been installed on a user's device, the malware often tries to trick victims into giving it additional permissions as well as granting access to the Android Accessibility service that allows it to run in the background and execute other malicious tasks.

FluBot is capable of stealing a user's payment and banking information by using overlay attacks where an overlay is placed on top of legitimate banking, payment and cryptocurrency apps. As mentioned before, the malware will also steal a user's contacts to send them phishing messages to help spread FluBot even further.

While FluBot was mainly used to target users in Spain at its onset, its operators have since expanded the campaign to target additional countries in Europe including Germany, Poland, Hungary, UK and Switzerland as well as Australia and Japan in recent months.

Via BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/3uvmOeM



Apps,3855,Business,148,Camera,1154,Earn $$$,1,Gadgets,1739,Games,924,Innovations,1,Mobile,1695,Paid Promotions,3,Promotions,3,Technology,7934,Trailers,795,Travel,36,Trendly News,21788,Video,4,XIAOMI,12,
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: Watch out - that Android security update may be malware
Watch out - that Android security update may be malware
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy