As we reported last week, there was a mass attack on Hungarian phones in a text message. He pretended to be a message from the SMS kickback service, but by clicking on the link inside, he installed malware on Android phones that stole personal information from them before passing himself on to the victim’s acquaintances.
The National Institute for Cyber Defense reports that a malicious program called FluBot is responsible for carrying out the attack, which searches for personal and banking information, especially cryptocurrency data. NKI recommends downloading and running the FluBot Malware Uninstall from the Google Play App Store to remove malware.
It is extremely difficult to determine the extent of this type of attack, according to official estimates, the number of text messages sent in Hungary reaches 100,000. As the virus spreads, it “watches” that another infected phone sends an SMS to the contacts on the infected phone’s contact list, so most of them received a message from a phone number unknown to them but very real. Based on this, I would say that the extent of the virus’s spread may increase over time, something that can only be restricted by our conscious and alert behavior.
– Tell Zsolt Bánszki, 4ig IT Security Manager.
In response to a question from the index, the expert said that not only Android devices, but also iPhones, malware, which detects phishing by detecting other operating system, are dangerous. However, as we know, the Flash update released by Apple these days has no direct relationship to the fraudulent text messages.
After opening the link, the user is offered a site much like the respective parcel delivery service provider (usually Fedex), and prompts you to install an app to track the alleged package. This app contains malware called FLuBot, which a cybersecurity company called PRODAFT published an analysis of a few weeks ago. The malware then downloads all the phonebook entries on the device to the file of the command and control server, which is controlling further proliferation. In addition, the app can download SMS messages to and from the device and record keystrokes that allow attackers to know our passwords, one-time codes, etc., thus circumventing, for example, SMS-based “traditional” SMS. . Authentication factor. Today, we already know that the attacker is primarily looking for our banking details, and unfortunately we have heard of millions of violations.
Zholt Banzky caught attention.
Malware does not choose to send short text messages to corporate or private numbers, and users also prefer to use the same device to manage their own and corporate affairs, read company messages on the same device, and access their company infrastructure regarding where their packets access the messages. There are technical solutions for defense, good software for endpoint protection, as well as a mobile device management system to prevent these types of attacks, more precisely, the damage they cause can be greatly reduced. However, the most important defensive method is user awareness, which can be developed and maintained through constant training and testing
he added.
The National Institute for Cyber Defense has a more detailed but not exhaustive list of targeted mobile banking apps Warning readable.
(Cover photo: A woman uses her smartphone. Photo: Robert Alexander / Getty Images)