![]() ![]() As you would expect, the details entered by users on these pages are sent to FluBot's control center and misused thereafter.įluBot lays low on a user's smartphone in the form of fake applications. FluBot downloads fake login screens of different banks from its server almost instantaneously and presents it on top of the legitimate application, leaving hardly any room for suspicion. The report says FluBot can draw fake webview on top of the target applications to steal users' private information like online banking login details or credit card details. Swiss cybersecurity firm PRODAFT analyzed FluBot and collected their findings in a report which can be found here (via The Record). This malware then invites users to grant access to Android's Accessibility service and once that happens, it can execute screen taps and other commands without the knowledge of the user. When users download and install these APKs, FluBot is also installed on their devices. The installer for the malware is hidden within other genuine-looking APKs. These SMSes have persuasive texts that entice the user into clicking on the link, which usually points to a hacked website where the FluBot installation package is hosted. FluBot is transmitted mainly through weblinks shared via SMS. ![]()
0 Comments
Leave a Reply. |