Businesses warned over 'Flubot' malware attack
By David Wood | 20th June 2022
Mobile phone users are being alerted to a new malware messaging scam which can install on their device.
The present risk is posed to mobile connections by the malware known as "Flubot", currently affecting infected Android devices. This is a text (SMS) message or MMS (picture messaging) scam - part of a large-scale smishing attack.
It currently only appears to be impacting Android devices and is downloaded under the guise of a tracking app or a message with a link to retrieve a voicemail which installs the malware when the user clicks on the link.
Due to some networks utilising Spam Shield, it would appear cyber attackers have started to use both MMS and SMS as alternative methods of spreading the malware.
If the customer's device is infected, the malware can take over their device and allow more infected SMS/MMS to be sent to contacts within the device without the user's knowledge.
It is also reported that the customer's contacts and banking apps may be accessed by the malware.
Simon Gardner, sales manager of Stonehouse-based Lister Unified Communications, admitted: "I've nearly fallen for scams like this one myself. It's so easy in this day and age when we're so busy and running around when you receive a message or a text or something just to fire back whilst you are on the move.
"The suggestion really is just take your time and think about any message you receive. I was running around, I was busy at work, I received a text message and I was just about to fire back and I thought 'it's not that important, read it later' and I could tell it was a scam. If you're not sure, check."
Simon added: "This came can affect anyone. They seem to be targeting Android as it tends to be less secure than Apple.
"The Flubot malware virus is disguised as an app. If you download the app you are in trouble and if you want to get rid of it you can activate Android Safe Mode and that blocks third party apps from running. You can also download Google Play Protect and that helps you perform a device scan.
"There's warnings every day about malware and this is slightly different asking you to download an app. It's a timely reminder if you're not sure, don't rush into it - ask your own business IT.
"Listers do provide security measures to stop business users downloading such apps. We can put software on business phones that stops them downloading apps unless they are pre-approved."
For further guidance, advice or support on the cyber security needs of your business, please call 01453 829200 or email email@example.com.
Copyright 2022 Moose Partnership Ltd. All rights reserved. Reproduction of any content is strictly forbidden without prior permission.