FluBot, the renowned Android banking Trojan, has a new, grimly amusing trick up its sleeve: it tries to mislead you into downloading a false “security update” by warning you about… FluBot itself.
If you click on a link in a text message, you’ll get a bright red screen that says, “Your device is infected with the FluBot malware.” “Android has identified an infection on your smartphone.”
In truth, your computer has not yet been infected. But it will be if you follow the instructions in the message: “To remove FluBot, you must apply an Android security update.”
The warning about this malware came last week from New Zealand’s Computer Emergency Response Team (CERT NZ), an administration office that alarms residents and undertakings about network protection dangers. (Numerous nations have a CERT; the U.S. by one way or another has two.)
At the point when keep going we monitored FluBot, it tricked you in with an instant message informing you regarding an issue with a bundle conveyance. A connection in the message you to a false page that said you needed to download and finish up a structure to get your bundle. You’d be affected with FluBot on the off chance that you adhered to the guidelines.
You might in any case get that bundle conveyance notice, said CERT NZ, which opened with a tweet about the new variation and afterward circled back to a blog entry. Or then again you may be messaged a fake admonition that shrewd photographs of you had been put on the web.
Here and there you’ll get a picture of an agreeable young lady holding a bundle with the conventional “application structure” to download and finish up. Here and there you’ll get the frightening picture underneath. (We appreciate the humor of putting an enrolled brand name image close to the name of the malware.)
Step by Step instructions to avoid FluBot
“The malicious app will possibly taint your phone if [you] click the connection AND download the app,” CERT NZ’s blog entry said. “Getting the text doesn’t mean you are tainted. Apple phones can get the message yet can’t be tainted.”
That is extremely evident. So are two explanations in the false FluBot cautioning screen itself.
“FluBot is an Android spyware that means to take monetary login and secret key information from your gadget,” it states. On the off chance that you experience difficulty introducing the phony “Android security update,” you need to “select ‘Settings’ and empower the establishment of obscure apps.”
That is because as a matter of course, Google-provisioned Android phones will introduce apps just from the authority Google Play Store except if the client abrogates those settings. That is the thing that the phony admonition/genuine FluBot needs you to do. Try not to do it.
Rather, ensure that the default app-loading settings are enabled. Go to Settings > Apps > Special access > Install unknown apps in Android 8 or later, and make sure “Not permitted” is next to each program name. If an “Allowed” appears, tap the app and toggle the option off.
Go to Settings > Security (or Lockscreen and Security) in Android 7 or before, and look for an entry titled “Unknown sources.” Check to see whether it’s turned off.
You should also have one of the top Android antivirus apps installed. Because FluBot has been there for the majority of 2021, most antivirus programs will immediately recognize and block it.
FluBot originally arrived in Spain in early 2021, then expanded to other European countries before finally reaching the rest of the planet.
If you receive an SMS text message informing you that a parcel is on its way to you — especially if the communication appears to be about a pricey item, such as an iPhone 13, that is simply waiting to be picked up – be extremely cautious. Don’t install random software from text message links, and especially don’t allow unknown sources or unknown apps.