It is the British National Cyber Security Center (NCSC) that warns against this new malware. Called the Floboot, it targets smartphones and devices with the Android operating system.
Flopot Spyware was created by hackers with the intention of recovering various passwords of your devices, your bank details and other sensitive data.
Tricky, malware infects devices via a text message that prompts you to install a tracking application due to a “missed parcel delivery”. But this tracking application is really spyware! Malware can access contacts and thereby spread to other smartphones.
If the target person clicks on the link, they will be taken to an imaginary page, which again uses the DHL brand logo to trick them into downloading the malicious application. It is explicitly advised to avoid clicking the link. If you are expecting an actual DHL distribution, go to the official tracking sites to track your package instead. Keep in mind that in the coming weeks, the brand may vary, for example from DHL to UPS or FedEx.
However, if it’s too late, if you have already downloaded spyware, first of all, do not enter passwords and do not log in to any accounts.
Second, it is necessary to clean the affected device. To do this, perform a reset using procedures provided by various manufacturers (Google, Hawaii, Samsung, etc.). Be careful, when configuring the device after the reset, you may be asked to restore from a backup: this option should not be selected if the backup date is after downloading the malware, otherwise the intrusion will continue.
Then, it is prudent to change the passwords used since the malware was downloaded and any other accounts that may benefit from the same password.
Finally, to be on the safe side, it is better to install new apps only from official stores like Google Play Store or Hawaii App Gallery. Google’s Play Protect service is also a great way to protect yourself from malware. If your Android device, even from another brand, has such a service, do not forget to activate it.