Flubot , an Android malware, is back and spreading via fake security patches. Although such behavior was evident months ago, it was not known how widespread the Trojan that created a name for its self with fake DHL notifications.
Bleeping Computer reported this. The news about malicious Android malware continues to grow. We reported earlier about the GriftHorse malware, which spread quickly and could be detected on more that ten million Android devices. Now, the second major attack on Android users has been revealed.
Flubot Android malware is warning now
Flubot malware now appears to be able to compromise Android devices on an even larger scale. Flubot malware is now being used to infect victims with fake security updates. Although this trick isn’t new, it has been well controlled in the past by Android security systems. The Flubot installation page has been discovered by the New Zealand Computer Emergency Response Team (Cert NZ). This is a bait page to create urgency and encourage victims to install malicious software.
It states, for example, “Your device has been infected by the FluBot(r), malware program.” Android has detected that your device is infected. FluBot is an Android spy program that steals financial logins and password data. To remove FluBot, you will need to update your Android security. Flubot’s primary purpose is to spy on bank data. This background information has been verified. It is often used by other malware gangs to “advertise”, fraudsters using it to do this.
Potential victims should also be instructed to enable the installation of unknown applications, because security messages are often sent from Android to those who attempt to download the malware. Flubot is not a virus that can be seen on this page. CERT NZ said that if you do not follow the instructions, your device could be infected.
False SMS update notifications are ignored
The fake security updates are sent via SMS and messenger messages, similar to the Flubot DHL trick. Anybody who receives this security warning should ignore it. Under no circumstances, click on any links and then delete the messages.