Home » Technology » Android » Flubot Android malware is back, popularized as fake flash players

Flubot Android malware is back, popularized as fake flash players


The Android malware Flubot is back with a nasty new trick. The banking Trojan now lures victims by posing as an Adobe Flash Player application. Instead of a player, users download sniffing software that steals data. This emerges from new media reports on the Flubot Trojan.

As Bleeping computer reports, Flubot is now showing itself to be a fake Adobe app, especially in Europe. The bustling banking Trojan has been keeping Android users busy for months and has always found new tricks to get users to download it. Flubot was already spreading itself through fake security updates, fake DHL notifications, and other phishing campaigns. News about malicious Android malware is piling up again.

Flubot Android malware again

The Flubot malware has again found a new effective way to compromise Android devices on a massive scale. She is now trying to infect her victims using fake apps. If the user does not have the appropriate antivirus apps, this can quickly be successful. This trick of pretending to be a well-known and popular application is not new, but in the past, it was fairly well contained by Android security mechanisms.

The new campaign will be disseminated through messages sending links to an APK (Android App Download Package) download. An app is offered for download in order to upload and view videos.

What Flubot malware is doing?

As soon as Flubot lands on the smartphone, he can steal online banking login data, intercept SMS messages and one-time passwords, and capture screenshots. This data is then sent to the people behind it. As a second step, the malware uses the victim’s device to send new phishing messages to the contacts in the address book.

The links to the fake Adobe apps spread like the Flubot DHL trick via SMS and messenger messages that seem to come from friends. Anyone who receives a dubious message telling them to load the flash player should simply ignore it, do not click any links that have been sent, and delete the messages immediately.