Android users warned of Flubot messaging malware

Users encouraged to download tracking app for missed parcels that is actually malware

Cybersecurity expert Brian Honan warned there is potential for the spyware to disrupt networks should enough phones be infected and start sending large volumes of itself to other devices.

Cybersecurity expert Brian Honan warned there is potential for the spyware to disrupt networks should enough phones be infected and start sending large volumes of itself to other devices.

 

Users of devices powered by Android have been warned about a dangerous text-message scam that is running rife across Britain.

Known as Flubot, the scam involve a message purportedly coming from a delivery firm that encourages users to install a tracking app to find out where their parcels are. The app is in fact malicious spyware that steals passwords and other sensitive data. It also accesses contact details and sends out additional text messages, thereby further spreading the spyware.

Users of Android phones and devices, such as those manufactured by Samsung, Huawei and Google, are at risk from the scam although users of Apple products have also been warned that the scam message may redirect them to a website that will try to steal personal information.

The National Cyber Security Centre in Britain and a number of mobile operators there have issued warnings over the scam.

Warnings

The Irish National Cyber Security Centre has not issued any warnings as yet and a spokeswoman for An Garda Síochána said it had not received any report of such a scam and therefore currently had no plans to issue advice.

Cybersecurity expert Brian Honan warned there was potential for the spyware to disrupt networks should enough phones be infected and start sending large volumes of itself to other devices.

“People should be very wary about unexpected messages they receive and not click on any links or attachments in them. You should always use the official apps from courier companies or check their website,” he said.

Ben Wood, chief analyst at CCS Insight, also advised about the danger of networks being flooded with messages.

“This has the potential to become a denial-of-service attack on mobile networks, given the clear risk that a rogue application can be installed on users’ smartphones and start spewing out endless text messages,” he told the BBC.

“The broader risk for users is a loss of highly sensitive personal data from their phones,” he added.