What do you get when you combine the untimely death of a hugely popular piece of software once used on everything from smartphones to PCs with the insatiable thirst for unlawful financial gains of highly skilled hackers?
A scary new malware campaign that, to be perfectly honest, should be pretty easy to avoid by now for anyone who's done even the least amount of research possible on this sort of stuff before. Of course, it's never too late to start educating yourself on the daily dangers of the modern mobile life, and the first thing you need to keep in mind is that you should never, ever, ever, EVER download an Android app from an untrusted source.
How does the virus work?
Unfortunately, because the bad actors behind this latest "FluBot" distribution scheme know exactly what they're doing, you might receive a link to a shady website trying to feed you the vicious aforementioned banking trojan via a bogus Flash Player app from someone you 100 percent trust, like a close friend, family member, or someone else from your contacts list.
That's because, once your phone is infected, one of the symptoms of said infection will be the unauthorized access of your contacts, with the added malware ability of sending text messages without user permission.
Even some wildfires may not spread as quickly as FluBot with that M.O.
Bottom line, no matter where a link seems to be coming from, you should exercise good judgment and refuse to install random APK (Android Package) files. We know, we miss Adobe's Flash too, but the San Jose-based software giant would never use APKs to revive something that's been dead since 2020 and dying since 2017.
Of course, the sneakiness of this malware campaign's authors can often go beyond just sending a text from one random Android user to a friend or family member. Because asking someone to download a "Flash Player" app from outside the Play Store would be too obvious a tell for many people, the malicious texts you should... simply ignore may try to fool you into opening links by advertising various video-related things.
A good idea in such a case would probably be to ask whoever sends you a message containing a potentially malicious link one or two simple questions, thus making sure their intentions are pure.
While the main goal is and always has been to steal money with the help of banking credentials you might have stored on your Android phone, the secondary purpose is to spread like wildfire by hijacking your contacts and messages.
No APK downloads from shady sources!
That makes FluBot almost impossible to trace and the number of (primarily European) victims extremely difficult to estimate. Because the viruses are floating around from device to device, you can't expect Google or the manufacturer of your phone to keep you away from danger either, so you need to always watch your back yourself.
Recommended Stories
Although the good news in this particular Android malware case is that the threat is pretty easy to identify from a mile away, the bad news is it might be hard to get rid of the trojan if you are careless enough to download that phony Flash Player app.
Simply uninstalling it is unlikely to do the trick, so the best course of action is probably to perform a factory reset and delete all your data. Yes, that's definitely inconvenient, but losing all your money is certainly even more so.
Adrian, a mobile technology enthusiast since the Nokia 3310 era, has been a dynamic presence in the tech journalism field, contributing to Android Authority, Digital Trends, and Pocketnow before joining PhoneArena in 2018. His expertise spans across various platforms, with a particular fondness for the diversity of the Android ecosystem. Despite the challenges of balancing full-time parenthood with his work, Adrian's passion for tech trends, running, and movies keeps him energized. His commitment to mid-range smartphones has led to an eclectic collection of devices, saved from personal bankruptcy by his preference for 'adequate' over 'overpriced'.
Recommended Stories
Loading Comments...
COMMENT
All comments need to comply with our
Community Guidelines
Phonearena comments rules
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: