Telstra Exchange has issued an alert that the FluBot - an Android malware that attempts to steal users' banking credentials - has started to appear in Australia after circulating around Europe and that it has identified a number of handsets recently which it believes are potentially infected.
Clive Reeves, Telstra’s Deputy Information Security Officer, said on the Telstra Exchange portal that it’s important to note that Flubot is an industry wide and global issue and is ”not unique to Telstra or Telstra customers”.
“It is impacting other carriers similarly. We’ve posted the Telstra Exchange piece to give our customers and the wider community a heads up as well as tips and tricks to avoid getting scammed and how to remove it,” Reeves writes.
“You may receive an SMS from another mobile telephone number with a message like “a1bcd2 Voicemail: You have 1 new Voicemail(s). Go to [link]”, and if you click on the link you will be taken to a web page displaying a trusted brand (like Telstra) and prompted to install an app, for example to listen to the voicemail message.
“FluBot is malware – like a computer virus – that can be installed on your Android device if you click on a malicious link in a SMS message. This malware then sends many similar text messages to other people from your phone without your knowledge, potentially infecting them,” warns Reeves.
“If installed, the malware has wide access and can harvest your contact list to further spread, as well as accessing your personal information and banking details if you used it while infected. If infected, you should urgently remove the malware and change all your passwords, using another device that is not infected,” Reeves warns.
“Flubot is a sophisticated piece of malware because it spreads by sending SMS messages to random mobile numbers, as well as mobile numbers scraped from a compromised Android device’s contact list.
“Each time it does this it creates a new, unique link, making it difficult to block at a network level. These messages are also being sent from infected devices all across the world that have fallen victim to the malware.”
To read the full report from Telstra Exchange’s Chris Reeves click here.