December 9, 2023

The Flubot malware has sighted again with a new lure to compromise Android devices, tricking its victims into infecting themselves with the help of fake security updates warning them of Flubot infections.

This banking malware has been active since late 2020, and has been used to steal banking credentials, payment info,SMS, and contacts from compromised devices.

CERT NZ warned the message on Flubot’s new installation page is only a lure designed to instill a sense of urgency and pushing potential targets to install malicious apps.

"Your device is infected with the FluBot® malware. Android has detected that your device has been infected," the new Flubot installation page says.

Potential victims are also instructed to enable the installation of unknown apps if they’re warned that the malicious app cannot be installed on their device.

If you are seeing this page, it does not mean you are infected with Flubot however if you follow the false instructions from this page, it WILL infect your device

The SMS messages used to redirect targets to this installation page are about pending or missed parcel deliveries or stolen photos uploaded online.

We @Cyberthrone already covered the characters of this banking malware

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.