International prosecutors were able to slow down the SMS-based Android spyware FluBot. This was achieved by taking over the FluBot infrastructure.
Europol is against a spyware called FluBot apparently a sensitive blow succeeded. According to the European police authority, international prosecutors have taken over the infrastructure behind the malware, putting an end to the wave of destruction.
Eleven countries were involved in the operation, and according to Europol, the FluBot malware has spread the fastest to date have turned off. The spyware infected Android devices, spreading aggressively via SMS and stealing passwords, online banking details and other sensitive information.
Android Spyware FluBot
The FluBot malware was reportedly first discovered in December 2020. In 2021, its spread increased sharply and led to a large number of infected devices worldwide. Significant incidents have occurred in Finland and Spain, reports Europol.
Bitdefender meanwhile observed a recent FluBot campaign that was particularly targeting German users. Other countries in focus were, in descending order, Romania, the United Kingdom, Poland, Spain, Sweden, Austria, Finland and Denmark. Germany and Romania were the most affected regions of the latest FluBot campaign and, according to the virus hunters, accounted for 69 percent of the attempted attacks.
Europol explains that the spyware spreads via text messages, the Android Asked users to follow a link and install an app from there, for example to track parcels or listen to fake voice messages. After installing an app that was the actual FluBot spyware, it asked for various access permissions. The cybercriminals then used these to steal access data from banking apps or information about cryptocurrency accounts.
This strain of malware spread like wildfire due to its ability to access the contacts of infected smartphones, it goes on. Messages with links to the FluBot malware were sent to these numbers, which helped spread the malware even further.
Prosecutors take over malware infrastructure
The associated infrastructure has the Dutch Police took over earlier in May, disabling this strain of malware, Europol said. Investigations were ongoing to identify the masterminds behind global malware campaigns.
The operation involved law enforcement agencies from Australia, Belgium, Finland, Ireland, the Netherlands, Sweden, Switzerland, Spain, Hungary and the United States involved. Europol’s European Cybercrime Center (EC3) coordinated the international activities.