Dangerous FluBot malware has been discovered in an app that includes real-time viewing on your phone. The malware can be found in an app that is distributed in text messages via a download link.
Fake DHL app
The text message contains a link to a website that is suspiciously similar to that of the courier service DHL. Subsequently, recipients of the SMS are asked on that website to download a DHL app. Once that app is installed, the FluBot malware can run its course. The malware is capable of:
- download fake mobile banking apps on your phone
- sending text messages to further spread the malware
- realtime on your phone
- perform actions on your phone on your behalf
- install a keylogger (a keylogger can see what you type, e.g. passwords)
- copy your contacts
- open your apps
- change your text input
Below you can see examples of the SMS and the fake website with a download link to the malware app. This scam trick is so dangerous because DHL often sends track & trace information via SMS. The link in these text messages will send you to a website with shipping details. Nevertheless, the courier never asks to download an app. That app is in the Play Store and you can choose to download it yourself.
Permission to install unknown apps
The fake DHL app asks the user for permission to install unknown apps. Such an app would never pass the Play Store security and we also never recommend granting this permission to apps if you are not sure what this app is up to with this access.
As you can see below, the police are aware of the malware and they warn everyone to delete the SMS immediately. The SMS has also arrived on my phone. Did you also receive the message? Let us know in the comments below this article.
Ook bij ons komen de eerste aangiftes binnen van het hacken van mobiele telefoons, het zogenaamde Flubot. Krijgt u een sms-je van een pakketbezorger, klik dan niet op de link waarmee u een app moet downloaden. Dit is spyware waarmee uw telefoon wordt gehackt.
— Geertjan Sloots (@polborculo) May 23, 2021