FluBot is a virus that sends SMS together with a malicious link that causes Android users, especially, to download a fraudulent app. It is necessary to be very attentive to the messages that are received on the mobile to avoid serious problems.
What is FluBot and how does it work
FluBotbecame known as the SMS scam from a courier company called FedEx; it is one of the most sophisticated viruses that has evolved since the way to act is in principle quite simple: A courier company sends an SMS in which it says that there is a package to deliver and that to manage this you need to download an app to your mobile.
It is possible that even the user is waiting for something and, to top it all, it is sent to him through the company that appears in the message, so the first idea is to install the said app.
Once this is done, the real problems begin since this application will record, from that moment, everything that is written on the mobile, which includes passwords, through which you can enter the entity to which they belong (banks, work tools …) steal data and even money.
The secret of the success of this virus is that it replaces the SMS app that the mobile phone has, with which the user can no longer read the messages that previously did arrive. In return, it is now the attacker who reads them.
In summary, we can say that this app controls several functions of the phone:
Read the call log.
Reading and sending SMS.
Access to the user’s contact book.
See what applications the mobile user has installed.
You can uninstall the apps that were already on the phone and that were the ones that the user already owned.
Access to the status of the phone at any time, whether it is, connected to the network, on-call, mobile identity, etc.
FluBot can make calls, connect to the network, send data to cybercriminals, update itself … It becomes the owner of the phone.
How to avoid getting infected by Flubot
Some practices that can be done to avoid becoming infected with this virus:
The first thing is to think about whether a package is waiting.
But if this happens and above all, it is through one of the parcel companies that appear in the SMS, it is necessary to know that it is not normal for them to force download an app through which shipments are tracked.
This can be done through the web to which the SMS serves as a warning link.
Another aspect that should be taken into account is that the official domains of the web are not used.
This FluBot virus asks to access a multitude of mobile functions that are not necessary for a messaging app.
What if the mobile phone is already infected?
You have to put yourself at the worst to minimize any type of damage:
Change all passwords that are always used through another device. In this way, the access that has them will be withdrawn.
Call the mobile phone operator to report what happened and to deactivate the SMS app and even, if necessary, the SIM card.
- To remove FluBot from the mobile one of the methods is:
Accessing the safe mode of Android: This way only the apps of this system are executed, which makes it possible to uninstall the fraudulent FedEx app since it will not be running.
Restoring Android to factory settings: The problem is that in addition to deleting this app, everything that the user has installed will also delete it, so it is convenient to have backup copies.