The National Cyber Security Centre (NCSC-FI) at the Finnish Transport and Communications Agency has issued a “severe alert” to warn of a massive campaign targeting the country’s Android users with Flubot banking malware pushed via text messages sent from compromised devices.
The FluBot malware that caused trouble among Android users earlier this year is being spread again. In the past few days, the National Cyber Security Centre has received increasing numbers of reports about dozens of message variants used to spread the malware.
“According to our current estimate, approximately 70,000 messages have been sent in the last 24 hours. If the current campaign is as aggressive as the one in the summer, we expect the number of messages to increase to hundreds of thousands in the coming days. There are already dozens of confirmed cases where devices have been infected,” the Finnish National Cyber Security Centre said in the alert issued on Friday.
“We managed to almost completely eliminate FluBot from Finland at the end of summer thanks to cooperation among the authorities and telecommunications operators. The currently active malware campaign is a new one, because the previously implemented control measures are not effective,” said NCSC-FI information security adviser Aino-Maria Väyrynen.
Android users who receive Flubot spam messages are advised not to open the embedded links or download the files shared via the link to their smartphones.
Be aware of malware spread by SMS ⚠️
— NCSC-FI (@CERTFI) November 26, 2021
The #FluBot campaign has become active again, and the malware is being spread by SMS. Scam messages written in Finnish are being sent to tens of thousands of people in Finland.https://t.co/TRXQa5Jv9D
IF YOUR DEVICE HAS BEEN INFECTED WITH FLUBOT
- Perform a factory reset on the device. If you restore your settings from a backup, make sure you restore from a backup created before the malware was installed.
- If you used a banking application or handled credit card information on the infected device, contact your bank.
- Report any financial losses to the police.
- Reset your passwords on any services you have used with the device. The malware may have stolen your password if you have logged in after you installed the malware.
- Contact your operator, because your subscription may have been used to send text messages subject to a charge. The currently active malware for Android devices spread by sending text messages from infected devices.
Bijay Pokharel
Related posts
Recent Posts
Subscribe
Cybersecurity Newsletter
You have Successfully Subscribed!
Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox. You are also consenting to our Privacy Policy and Terms of Use.