Security experts from UK’s National Cyber Security Centre (NCSC) warned of a new malware strain FlyBot, an Andoid password-stealing malware.
According to NCSC, FlyBot is designed to steal passwords and personal information such as bank details. Infected devices are then used to spread to the victim’s contacts via text messages.
An excerpt from the NCSC guidance published April 23:
The spyware is installed when a victim receives a text message, asking them to install a tracking app due to a ‘missed package delivery’. The tracking app is in fact spyware that steals passwords and other sensitive data. It will also access contact details and send out additional text messages – further spreading the spyware.
If you receive one of the scam messages, the NCSC recommends you do the following:
- Do not click the link in the message, and do not install any apps if prompted.
- Forward the message to 7726, a free spam-reporting service provided by phone operators.
- Delete the message.
If you have already clicked on one of the messages, you likely need to perform a factory reset as soon as possible. Also, make sure not to enter any password info or login to any websites with your compromised phone until wiping the device.
Moreover, it would be a good idea to also reset affected passwords as soon as possible if you happened to use any of them logging into websites.
The FluBot malware is just one of the latest examples of a rapidly growing mobile threat where cybercriminals are targeting mobile phones to manipulate and quickly profit from them.