Have you received this message? It is shocking how cybercriminals have developed new tactics to trick users and steal their money. In fact, it has become extremely easy to infect users phones with malware.
Flubot malware has been infecting users phones by tricking users into instal the malware themselves on their phones after alerting them that their handset is infected. Here’s what you need to know to stay safe.
The nefarious Flubot malware is back, infecting Android users phones around the world. The malware, which typically sends SMS messages to users with a link to listen to their “voicemail” now has a new trick.
The malware has now found a new way to make its way onto users devices, by using new tricks and tactics to fool users into downloading the malware themselves and infecting their own devices.
A month ago, security firm Trend Micro had revealed how the Flubot malware, or malicious software, convinced users into installing fake voicemail apps after taking users to a website that was designed to look like a mobile operator.
Now, the Computer Emergency Response Team of New Zealand (CERT NZ) is warning users that the Flubot malware is back and is spreading with a dangerous new trick. Users are sent a link related to the delivery of a package, designed to lure users.
Once users click on the link, they see a large message, with a warning text that informs them that their device has been infected with the dangerous Flubot malware. In fact, it looks similar to the Google Chrome dangerous Safe Browsing message with its red warning screen.
“Your device has been infected with FluBot malware. Android has detected that Your device has been infected. FluBot is an Android malware that aims to steal financial login and password data from your device,” reads the message that users can see on their devices.
Unfortunately, even though users devices may not have been infected at this point, the message tells users to “Install an Android security update to remove FluBot.”
Instead of downloading a security update to remove the supposed Flubot malware infection, the users end up downloading Flubot itself on their smartphone!
The malware then rifles through contacts, sending the same message to other people and proliferating across contact books and infecting even more users.
It then proceeds to steal logins, passwords and other credentials through the various permissions it gains after infecting the device.
How to save yourself from Flubot malware
For starters, to save yourself from Flubot malware, don’t install any security updates that pop up on your screen. Most updates do not require a lof of action from the user and do not involve downloading a file and installing it yourself.
“If you are seeing this page, it does not mean you are infected with Flubot however if you follow the false instructions from this page, it WILL infect your device,” the message from CERT NZ reads on their Twitter account.
If users are infected, they must avoid entering passwords or logging into accounts, they should perform a factory reset of their phone after taking a backup of their data.