FluBot is an Android malware that disguises itself as a delivery notification. This threat has SMS spamming and information-stealing capabilities, going after victims’ banking credentials once installed on an Android device. Initially targeting victims in Spain and Germany, FluBot recently shifted its focus towards English-speaking countries like Ireland and the United Kingdom.
FluBot currently affects only Android-based devices, but it can inadvertently send spam SMS messages to owners of Apple devices.
Regardless of what mobile operating system you’re using, it is always recommended to ignore spam messages and avoid clicking attached links sent from unknown senders.
At BlackBerry, we take a prevention-first and AI-driven approach to cybersecurity. Putting prevention first neutralizes malware before the exploitation stage of the kill-chain.
By stopping malware at this stage, BlackBerry solutions help organizations increase their resilience. It also helps reduce infrastructure complexity and streamline security management to ensure business, people, and endpoints are secure.
BlackBerry’s Threat Research Team has analyzed the attack methods used by this threat, and in addition to recommending basic cyber hygiene steps, strongly urges BlackBerry customers to ensure their systems have BlackBerry® Protect Mobile enabled with a blocking policy.
BlackBerry Protect and BlackBerry Guard stop these attacks.
Our customers can feel confident that our AI-driven security products, as well as our Managed Detection & Response (MDR) solution, are all well-equipped to mitigate the risks posed by threat actors leveraging patch vulnerabilities:
- BlackBerry® Protect Mobile extends the powerful AI-based security in BlackBerry® Protect to mobile devices, providing security teams with unprecedented visibility into their mobile, desktop, and server endpoints from a single security console. It detects and alerts users about mobile OS-based attacks, including FluBot.
- BlackBerry® Guard customers are proactively protected, and our 24/7 MDR solution customers receive:
o Alerts monitored in real time
o Corrective policies applied while discovering gaps in policy implementation
o Prioritized threat hunting
o The latest threat intelligence for fast moving threats
The BlackBerry Incident Response team can work with organizations of any size and across any vertical, to evaluate and enhance their endpoint security posture and proactively maintain the security, integrity, and resilience of their network infrastructure.
For emergency assistance, please email us at DLIR@blackberry.com, or use our handraiser form.
Learn more about the latest cybersecurity threats and threat actors in the BlackBerry 2021 Annual Threat Report.