FluBot – an infamous banking malware that affected thousands of users across Australia and the U.K. – is now active in Finland.
In an official alert, Finland’s National Cyber Security Centre (NCSC-FI) warned about a massive FluBot malware campaign targeting Android users in the country since June 2021. The Finnish Transport and Communications Agency has reportedly received multiple reports about dozens of messages sent to spread the FluBot malware.
Be aware of malware spread by SMS
The #FluBot campaign has become active again, and the malware is being spread by SMS. Scam messages written in Finnish are being sent to tens of thousands of people in Finland.https://t.co/TRXQa5Jv9D
— NCSC-FI (@CERTFI) November 26, 2021
FluBot is a sophisticated malware targeting Android users via malicious messages or pop-ups. The messages that carry FluBot usually alert the victims that they have a new voicemail or missed call from an unknown number. The message contains a link, which, once clicked, redirects the user to a malicious website impersonating a legitimate website. The malware is then deployed on the targeted device.
The officials stated the FluBot campaign sent fraudulent text messages to Android device users. FluBot malware can steal sensitive information from the compromised device and infect other banking apps installed on the device.
“Clicking on the link does not yet install the malware. Users will be requested to allow the installation. The malware may steal data from the device and send malware-spreading scam messages. The messages are often written without Scandinavian letters (å, ä and ö) and may contain the characters +, /, &, % and @ in random and illogical places in the text,” the alert said.
The NCSC-FI urged organizations to be vigilant and inform about the FluBot campaign to their personnel. Users are recommended not to click on any links from unknown sources and not download files or attachments shared via links or messages.
“Preparedness is important, and organizations should inform their personnel about FluBot to ensure that their employees do not install the malware on their phones. It is important for organizations to know what information and data phones contain and assess the risks of a potential data leak because FluBot steals information from phones,” the alert added.
NCSC-FI offered certain mitigation measures for the affected users:
Commenting on the latest malware campaign, Aino-Maria Väyrynen, Information Security Adviser at the NCSC-FI, said, “According to our current estimate, tens of thousands of messages have been sent to people in Finland during one day. We expect the amount to increase in the coming days and weeks. We managed to almost completely eliminate FluBot from Finland at the end of summer thanks to cooperation among the authorities and telecommunications operators. The currently active malware campaign is a new one because the previously implemented control measures are not effective.”
The post Finland Warns About ‘Flubot’ Malware Spread Via SMS appeared first on CISO MAG | Cyber Security Magazine.
Click to Open Code Editor