March 22, 2023

The Flubot campaign has hit Finland again for the second time this year. The previous set of attacks was spotted between early June and mid-August. Finland’s National Cyber Security Center (NCSC-FI) has issued a severe alert regarding the new wave of attacks.


This massive campaign is targeting Android users in the country with Flubot pushed via SMS sent from compromised devices. The spam campaign, uses a voicemail theme, urging the targets to open a link that would enable them to access a voicemail message or a message from the mobile operator. NCSC-FI detected over 70,000 such messages in a span of 24 hours and dozens of infections have been confirmed.Flubot is popping up on various websites -Netcraft detected around 10,000 websites distributing the malware.   

Once successfully installed, the banking malware can access the contacts list, read text messages, spam text others, and steal passwords and credit cards. Moreover, if this campaign turns out to be as aggressive as the summer campaign, researchers anticipate that the number of messages will increase to hundreds of thousands in the days ahead. 


Android devices have always been a favorite target among cybercriminals. The NCSC-FI has advised users to not click on embedded links or download files shared via the link to their devices. While at the time of its inception, Flubot used to target users in Spain, it has now gone global and has become pretty successful. Hence, Android users beware!

Leave a Reply

%d bloggers like this: