According to the Nigerian Communications Commission, a new high-risk and harmful malware known as 'Flubot' is targeting Android smartphones with false security updates and application installations.
Malware is a generic term used by the commission to describe a virus or software that is designed to disrupt, damage, or obtain unauthorized access to a device.
"The ngCERT validated that Flubot impersonates Android mobile banking apps to draw phony web visits on targeted apps, and its purpose beyond obtaining personal data and primarily targets stealing credit card details or online banking credentials," the NCC added.
"FluBot is distributed by SMS and can snoop on incoming notifications, initiate calls, read or write SMSes, and send the victim's contact list to its control center."
According to the NCC, this virus targets Android smartphones by impersonating 'FedEx, DHL, Correos, and Chrome programs' and forcing unwary users to change their device's accessibility settings to maintain a persistent presence on the device.
According to the report, the malware compromises device security by duplicating fake login screens for well-known banks and waiting for users to enter their login credentials on the fake pages, after which their data is collected and sent to the malware operators' control point, where it is exploited by intercepting banking-related one-time passwords and replacing the default SMS app on the targeted Android device.
"As a result, it secures admission into the device via SMS and proceeds to send identical messages to other contacts on the device it has infected, persuading them to download the false software," according to the NCC.
"Infecting a gadget with Flubot can lead to catastrophic financial damages." Furthermore, the malware establishes a backdoor that allows the invader or attacker to gain access to the user's device, allowing them to carry out other criminal activities, such as launching other malware versions."
THINGS TO NOTE:
1. Users should not click on any suspicious text message's link, nor should they install any program or security update that the page requests.
2. Use up-to-date antivirus software to identify and prevent malware infestations; apply crucial system and application patches.
3. Use strong passwords and enable two-factor authentication over logins; frequently back up your data.
4. If you were a victim of this campaign, return your device to factory settings as soon as feasible. Any data on your phone, including personal information, will be deleted as of a result."
Content created and supplied by: Immawoli (via Opera News )
Opera News is a free to use platform and the views and opinions expressed herein are solely those of the author and do not represent, reflect or express the views of Opera News. Any/all written content and images displayed are provided by the blogger/author, appear herein as submitted by the blogger/author and are unedited by Opera News. Opera News does not consent to nor does it condone the posting of any content that violates the rights (including the copyrights) of any third party, nor content that may malign, inter alia, any religion, ethnic group, organization, gender, company, or individual. Opera News furthermore does not condone the use of our platform for the purposes encouraging/endorsing hate speech, violation of human rights and/or utterances of a defamatory nature. If the content contained herein violates any of your rights, including those of copyright, and/or violates any the above mentioned factors, you are requested to immediately notify us using via the following email address operanews-external(at)opera.com and/or report the article using the available reporting functionality built into our Platform See More