FluBot, which we’ve previously reported on, is a dangerous Android Trojan that was first discovered in December 2020. The malware infects devices via text messages containing malicious download links, ostensibly for the purpose of installing a legitimate parcel tracking application.

This is, however, just a front for the malware to penetrate the user’s device (hence the term Trojan). Once installed, the malicious app asks for accessibility permissions — allowing FluBot the freedom to disable security systems and steal banking details.

FluBot Smishing

Since its discovery, FluBot has been known to spread in cyclical smishing campaigns before dying down — only to re-emerge elsewhere. Below is what we’ve seen of its most recent activity.

Users have reported receiving SMS messages such as the above, claiming to be from parcel company DHL. As before, a link is included that would-be victims are asked to follow. If users access the link, an installation prompt appears for a voicemail app “required” to listen to the relevant voice message. If victims follow through, the app (FluBot) then requests accessibility permissions.

Once installed and given control, FluBot not only steals banking credentials, but also details stored in the Contacts folder — enabling it to spread like wildfire through the mobile ecosystem. At the same time, the privileges it has been granted make it very difficult to uninstall.

Protect Yourself with Trend Micro Check

• Double-check people’s contact details — and URLs.
• Reach out to official websites and support pages directly for help if in doubt.
• NEVER use links or buttons from unknown sources! Use Trend Micro Check to detect scams with ease: Trend Micro Check is an all-in-one browser extension and mobile app for detecting scams, phishing attacks, malware, and dangerous links — and it’s FREE! 

Check out this page for more information on Trend Micro Check. For smartphone security we’d recommend Trend Micro Mobile Security. Its cloud-based Smart Protection Network™ and Mobile App Reputation technology will stop threats before they even reach you.

Finally, if you’ve found this article to be a helpful and/or interesting read, please do SHARE with friends and family to help keep the online community secure and protected.