Europol, an internationally recognized law enforcement agency, has made it official that it has seized the operations and infrastructure of Flubot malware that has the potential to steal passwords, banking credentials, and other sensitive details from Google Android smartphones.
The take-down was initiated in coordination with the cyber forces from 11 countries that included officers from the US, UK, and Canada.
Flubot which was touted as one of the fastest spreading mobile malware was first spotted targeting Android users of Spain in December 2020. Within a span of two months, the malicious software spread like flu or coronavirus to other countries such as the UK, France, Australia, New Zealand, and Germany.
Basically, the said malware is seen spreading through SMS and email phishing attacks by mimicking companies such as DHL FedEx and other packaging firms. It mentions in the message that an undelivered parcel in the user’s name is on hold with the company and to get it delivered; the user needs to click on the link and fill in some details. And as soon as the user clicks on the link, the user receives a malicious payload and starts haunting the device and its user/s.
Interestingly, the malware is hard to detect and can disable Google Play Protect and uninstall apps that are useless to its spying activities. The malware has the potential to copy contacts from the infected phone and will send SMS messages filled with malicious links to those listed in the contacts….oops, that’s dangerous!
Let’s hope that the amount of victims getting infected with FluBot malware decreases with the latest seizure of infrastructure by Europol.