KEY POINTS

  • A malware that initially targeted Android users in Spain has expanded to other regions
  • Android users are tricked into installing the malware on their devices
  • Around 30,000 Android users in New Zealand received FluBot scam text messages

Android users should watch out for a new campaign that malicious actors use to trick unsuspecting consumers into installing the dreadful FluBot malware, which steals financial login and password data.

Hackers have devised new schemes to gain access to over 2 billion Android devices. According to a new advisory from the Computer Emergency Response Team of New Zealand (CERT NZ), malicious actors behind the malware, called FluBot, now use different text scams, ranging from package delivery alerts to stolen photos being uploaded online to warnings that FluBot has infected their devices.

Unfortunately, none of these messages are authentic. The truth is that they are just some tricks the hackers use to dupe users into downloading and installing the malware into their Android devices.

Malware
A growing number of ready-made exploit kits known as EKs are using deceptive fileless attacks creating bigger challenges to defenders and compromising victims. Christoph Scholz/Flickr

"The wording of the text messages may be about parcel delivery, or that photos of the recipient have been uploaded. In both cases there will be a link, asking you to install an app or a security update," CERT NZ warned consumers in an advisory released Friday.

"Given that the wording of these texts has changed within a short timeframe, it is likely the wording will change again. Be wary of any suspicious text messages you receive, asking you to click on a link," the government agency on cybersecurity added.

Once installed in the device, the FluBot malware can steal the owner's information by placing an overlay over legitimate banking, payment and cryptocurrency apps. The malicious software is also capable of stealing the device user's contacts and utilize it to send phishing messages and spread FluBot.

The malicious software was initially launched to target users in Spain but it looks like its operators have expanded the campaign. Various reports pointed out that FluBot was victimizing Android users in Europe, including in countries such as Poland, Hungary, Germany, the U.K. and Switzerland.

FluBot invaded Japan and Australia in recent months and was reported in New Zealand in recent weeks. Around 30,000 Android users in New Zealand have received scam text messages.

Android users should be aware of such scams to avoid falling victim to the hands of hackers. To prevent this, consumers should not click any link sent through text messages, especially from suspicious senders.

Android users should exercise extra vigilance when downloading and installing apps and security updates on their devices, particularly if they came from a link that suspiciously pops up on their devices' screen.

The majority of security updates and apps do not require users to click any links or redirect them to multiple web pages. People should not enter passwords or log in to their accounts using the infected device. Users can simply back up their data and do a factory reset of their device.