Safety Detectives
$ United States dollar
$ United States dollar Euro£ British poundAED UAE dirhamARS Argentine pesoAU$ Australian dollarBGN Bulgarian levR$ Brazilian realCA$ Canadian dollarCHF Swiss francCLP Chilean pesoCN¥ Chinese yuanCOP Colombian pesoCZK Czech korunaDKK Danish kroneEGP Egyptian poundHK$ Hong Kong dollarHUF Hungarian forintIDR Indonesian rupiah Israeli new shekelINR Indian rupee¥ Japanese yen South Korean wonMX$ Mexican pesoMYR Malaysian ringgitNOK Norwegian kroneNZ$ New Zealand dollarPLN Polish złotyRON Romanian leuRUB Russian rubleSAR Saudi riyalSEK Swedish kronaSGD Singapore dollar฿ Thai bahtTRY Turkish liraNT$ New Taiwan dollarUAH Ukrainian hryvnia Vietnamese DongZAR South African rand

FluBot Android Malware Operation Shut Down by Police

Colin Thierry
Colin Thierry
Colin Thierry Colin Thierry

Europol announced on Wednesday the shutdown of the FluBot operation, one of the largest and fastest-growing Android malware operations in existence.

The malware operation’s takedown resulted from a law enforcement operation involving 11 countries following a complex technical investigation in order to locate FluBot’s most critical infrastructure.

The participants in the operation included Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands, and the United States.

“Known as FluBot, this Android malware has been spreading aggressively through SMS, stealing passwords, online banking details, and other sensitive information from infected smartphones across the world. Its infrastructure was successfully disrupted earlier in May by the Dutch Police (Politie), rendering this strain of malware inactive,” said Europol in its announcement.

The Dutch Police also announced on Wednesday that they have disconnected ten thousand victims from the FluBot network and prevented over 6.5 million spam SMS from reaching potential victims.

In March 2021, the police in Spain arrested four suspects who were considered key members of the FluBot operation, since the malware had mainly infected users in the region.

After a brief hiatus, the malware returned at very high levels and targeted multiple other countries besides Spain.

According to Europol, however, the FluBot infrastructure is currently under the control of law enforcement, so there can’t be any rebound.

FluBot

FluBot is an Android malware that steals banking and cryptocurrency account credentials by overlaying phishing pages on top of the interface of legitimate apps when victims open them.

It also can access SMS content and monitor notifications in order to take two-factor authentication and OTP codes.

Methods of distribution for the malware include laced apps on the Google Play Store, fraudulent parcel delivery messages, Flash Player app updates, and many more.

For anyone that believes that FluBot infected their device, Europol suggests they perform a factory reset that wipes all data in the areas that can host malware.

About the Author
Colin Thierry
Colin Thierry
Writer

About the Author

Colin Thierry is a former cybersecurity researcher and journalist for SafetyDetectives who has written a wide variety of content for the web over the past 2 years. In his free time, he enjoys spending time outdoors, traveling, watching sports, and playing video games.