Beware of fake Flash Player apps that contain malware in the Play Store

New campaigns are distributing malware in the form of Flash Player. Simply put, FluBot malware continues to spread and develop.

What is Flubot?

Flubot is a form of Android malware that steals online banking credentials, takes screen shots, sends and intercepts text messages, and even retrieves passwords.

Introducing the smartphone, the malware tricks users with SMS phishing technique (smashing). To avoid being noticed, he says that their smartphone is already infected by itself (Flobot) and they need to download a security update to protect their data.

Malware develops

According to Review of MalwareHunterTeam to BleepingComputer, New FluBot campaigns are delivered to the recipient using SMS to download video from their device. This message contains a link that redirects the user to a fake Flash Player update. It is difficult not to click on the link that shows that this update is essential for downloading videos in APK (Android Package) format. CSIRT KNF shared a sample SMS of this campaign on Twitter.

Chain hacking

Software does not stop with device infection and bank data theft. In fact, like the chain of infection, it uses infected smartphones to spread the word.

In fact, this malware offers cybercriminals the opportunity to communicate with future victims from a hacked smartphone without the user’s consent. Specifically, the software sends new smashing messages to all of its contacts using the victim’s device. The latest version of this malware allows you to send even longer text messages. A way for hackers to deceive recipients even more easily.

How to react?

Once Flobot is infected, you need to report the infection to your contacts, contact your bank to report malicious activity, and reset your smartphone to factory settings. Note that the infection is not triggered until the user clicks on the link.

Finally, some tips. First, do not download any Android processor from an unreliable source. Similarly, it is necessary to download Adobe apps only from trusted sites. FluBot does not affect Apple devices and is restricted to Android smartphones … and note that the Flash Player Plugin has not been available since January 2021.