Flubot Malware Targets Australians, Spreads Via SMS

 

Garbled SMS messages and phantom calls are hitting smartphones in a new wave of scams across Australia, including one that claims to carry a friend's voice message but instead delivers malware that can harvest the user's personal information. This latest SMS scam, called Flubot, has affected thousands of Australians and is designed to plant dangerous malware on their smartphones.

Although iPhone users can receive the messages as well, Flubot is a type of malware that targets Android users. The message tells the recipient about a missed call or a new voicemail and includes a bogus link to listen to it. The link leads to a website made to look like a legitimate brand: possibly Telstra in Australia, whereas in Europe it was a packaging provider. The page asks users to install software in order to listen to the voice message on their phone.

If the user approves, the malware is then downloaded. If the application is granted the permissions it asks for, the attacker gains access to payment card details, private information and browsing pages, can intercept SMS messages, and can collect additional information stored on the smartphone. The malware also lets the attacker read the user's contact list and potentially find new victims.

Manual methods are available to remove the malware, although Telstra has recommended that users factory-reset the device and restore it to a version from before the malware was installed.

Flubot first hit Europe earlier this year, before Australians started being inundated with it this month. The Australian Competition and Consumer Commission (ACCC) told Guardian Australia that its Scamwatch service has received over 3700 reports of this exact scam since the first report on 04 August. Scamwatch got 413 daily reports on all scams linked to SMS, including Flubot, from 4 to 17 August, compared with the 122 received from 01 July to 03 August.

Delia Rickard, deputy chair of the Australian Competition and Consumer Commission, said, “It is flooding the country and it is a really dangerous one.” “We’ve just had one complaint about an instance where the person lost nearly $5000. It appears that the malware has created a fake Google Pay login screen, and the person logged in and then the money disappeared from their account afterward.”

The end goal for the fraudsters is cash or personal data, which may subsequently be auctioned on the dark web. Flubot is only one of several scams contributing to what has been, during the pandemic, the best year for hackers and cyber thieves. Australians lost almost $850 million to cyber criminals last year, according to the ACCC.

Telstra’s deputy chief information security officer, Clive Reeves, said last week the company was “working with the security community to address this scam”. 

An Optus spokesman said that the company has started contacting affected customers. The telco also recommended McAfee Wi-Fi Secure antivirus software to protect customers connected over Wi-Fi.

A spokeswoman for TPG, which manages the Vodafone brand in Australia, said that last week the firm blocked over 14m scam SMS messages, including those from the Flubot scam. “As scammers constantly morph their tactics, we continually update our filters and mechanisms to catch new scams,” the spokesperson said.