FLUBOT: What you need to know about new Malware that targets users’ financial credentials
By Aisha Ali
On October 21, 2021, the Nigeria Computer Emergency Response Team (ngCERT), announced and warned online users about the emergence of a new malware that “targets Androids with fake security updates and app installations.”
The malware called ‘Flubot’ is said to “impersonate Android mobile banking applications to draw fake web views on targeted applications.” It also steals the personal data and financial information of unsuspecting persons.
Although multiple reports show it uses different schemes found in older malware families, Flubot has caused a lot of damage within the few months of its emergence.
What is Flubot?
A malware is a generic word used to describe a virus or a malicious software, designed specially to disrupt damage or gain unauthorised access to a computer system. As such, flubot is a malware-like computer virus that can be installed on an android device via a malicious link that is sent through an SMS.
This malware can take over a user’s phone and send text messages to other people from the device without the user’s knowledge, potentially infecting them as well.
Flubot malware was first identified on Australian shores in August 2021. It was characterised by a text sent from an Australian phone number that enticed users to click on a link that would then infect their android device with malware.
How Flubots works
The malware targets different mobile apps based on the device’s language setting. So far, there have been detections of the malware targeting bank apps mainly in Spain, but evidence suggests it may move on to other markets, such as Poland, Germany, Hungary and the UK. Aside from targeting mobile banking apps, flubot also operates on cryptocurrency-related mobile apps as well, regardless of the device’s language setting.
Flubot is crafted to deceive intended targets. First, the victim receives a text message informing them about the delivery of a package. These delivery messages usually contain a link to a website that serves as a host for the malware (disguised as the delivery company’s application).
In recent times, flubot has used the DHL, UPS and FedEx brands to lure unsuspecting members of the public. When the victim downloads and installs the application, the malware uploads the victim’s contacts to its C&C (Command & Control server) and from there, the scheme is launched.
Fact Checks of the week
A viral screenshot claims the minister of humanitarian affairs, Sadiya Farouk, said the government’s cash transfer policy is only for the North as there are no poor persons in…
A popular social media personality Ayo Ojeniyi, shared in a Facebook post a video wherein it was claimed that a kidnap kingpin, Chukwudumeme Onwuamadike, popularly known as Evans, has been sentenced to death. But how true is this?
Recently, a Nigerian Air Force (NAF) personnel attached to the Defence Intelligence Agency (DIA), Lance Corporal Ogah Bercy, was reported to have died of complications from a snakebite in her toilet on 19 November 2021, at the NAF base Bill Clinton Drive, Abuja. Reports said the snake is suspected to…
Tip of The Week
Other Fact Checks and Articles
- Can the mixture of salt, garlic put in different corners of your rooms eradicate wall geckos?
- Is Twitter user’s claim that intake of smoked or grilled food causes colorectal cancer true?
- True, NPHDA to engage Ad hoc Personnel for Nationwide Mass Vaccination Campaign
- How Exif Metadata Can Help You Authenticate Doubtful Images
- Internet security: what you should know about unverified links shared on social media platforms
- FLUBOT: What you need to know about new Malware that targets users’ financial credentials
- Instagram as new face of news sourcing and information sharing
- The FactChecker
- PTCIJ and partners, UNESCO, train Gambian youth leaders on media literacy
- Meet Presidential Candidates of the 2021 The Gambia Presidential Elections
- IDWAC 2021: Scholars, Professionals Offer Solutions to Information Disorder in Africa