Unfortunately, because the bad actors behind this latest “FluBot” distribution scheme know exactly what they’re doing, you might receive a link to a shady website trying to feed you the vicious aforementioned banking trojan via a bogus Flash Player app from someone you 100 percent trust, like a close friend, family member, or someone else from your contacts list. That’s because, once your phone is infected, one of the symptoms of said infection will be the unauthorized access of your contacts, with the added malware ability of sending text messages without user permission.
When you mix the premature death of a tremendously popular piece of software that was formerly used on everything from smartphones to PCs with highly experienced hackers’ insatiable drive for illegal financial gain, you get… A frightening new malware campaign that, to be perfectly honest, anyone who has done even the tiniest amount of study on this type of thing before should be able to prevent by now. Of course, it’s never too late to start learning about the everyday risks of modern mobile life, and the first thing you should remember is that you should never, ever, ever, EVER download an Android app from an untrustworthy source.
Even some wildfires may not spread as quickly as FluBot with that M.O. – Do not install this fake Flash Player Android app even if a friend urges you to Even some wildfires may not spread as quickly as FluBot with that M.O. Bottom line, no matter where a link seems to be coming from, you should exercise good judgment and refuse to install random APK (Android Package) files. We know, we miss Adobe’s Flash too, but the San Jose-based software giant would never use APKs to revive something that’s been dead since 2020 and dying since 2017.
If the name FluBot happens to ring a bell, that might be because the same trojan has infected countless devices in the past using methods as diverse as posing as a security update, parcel delivery notice, and other legit apps from popular developers. While the main goal is and always has been to steal money with the help of banking credentials you might have stored on your Android phone, the secondary purpose is to spread like wildfire by hijacking your contacts and messages. APK downloads from shady sources! – Do not install this fake Flash Player Android app even if a friend urges you to
Of course, the sneakiness of this malware campaign’s authors can often go beyond just sending a text from one random Android user to a friend or family member. Because asking someone to download a “Flash Player” app from outside the Play Store would be too obvious a tell for many people, the malicious texts you should… simply ignore may try to fool you into opening links by advertising various video-related things. A good idea in such a case would probably be to ask whoever sends you a message containing a potentially malicious link one or two simple questions, thus making sure their intentions are pure.
That makes FluBot almost impossible to trace and the number of (primarily European) victims extremely difficult to estimate. Because the viruses are floating around from device to device, you can’t expect Google or the manufacturer of your phone to keep you away from danger either, so you need to always watch your back yourself. Although the good news in this particular Android malware case is that the threat is pretty easy to identify from a mile away, the bad news is it might be hard to get rid of the trojan if you are careless enough to download that phony Flash Player app. Simply uninstalling it is unlikely to do the trick, so the best course of action is probably to perform a factory reset and delete all your data. Yes, that’s definitely inconvenient, but losing all your money is certainly even more so.