New Threat Research: MalSync Teardown: From DLL Hijacking to PHP Malware for Windows  

Read Threat Research

Search

Flubot Banking Trojan Now Affecting Android Users

There is a new Flubot malware campaign targeting Android users. The Flubot banking trojan attempts to steal bank account and credit card information and uses contact lists in mobile devices to keep expanding into other devices. In this recent campaign, the malware attempts to ask the device user to click on a link that is sent through a text message. Different types of messages have been seen, including forged texts from parcel companies, texts about uploading photos, and ironically, a scam text about the device being infected with Flubot. It appears the threat actors are switching up their text messages in an attempt to deceive individuals and make their efforts less detectable. At this time, iPhone users cannot become victims to the malware. The campaign has been seen throughout Europe and now New Zealand.

Analyst Notes

Just like with emails, text messages that include links and come from unknown senders should be addressed with caution. Users are being advised to do a full factory reset on their device if it is believed to be infected with Flubot. All associated usernames and account passwords that could have been accessed should be changed accordingly. Any suspicious bank account activity should also be reported.

Flubot Malware Targets Androids With Fake Security Updates