Cork Safety Alerts

Corks source for local news!

Vodafone Ireland Issue Warning to Customers on Flubot SMS Malware

ByCork Safety Alerts News

Jun 2, 2021




Vodafone Ireland warned their customers about the Flubot SMS Malware that is currently circulating and targeting Irish customers.

The telecommunications company are warning customers to take the following actions if they receive an SMS from a company that they don’t recognise (regarding the tracking of a package or delivery.)

  • Ignore and do not click on any links in the SMS.
  • Delete the SMS from your phone.

Vodafone say that the scam primarily affects Android users, but are encouraging users of all handsets to be cautious when opening SMS messages, particularly when you’re not expecting a delivery.

The company ask customers who have been affected to contact them directly.

Information from the NCSC (National Cyber Security Centre.)

Threat Type:

The NCSC has received reports of a spyware software labeled FluBot affecting Android users in Ireland. FluBot is used by malicious parties to steal passwords and sensitive data from the victims’ mobile device.

It will access victims’ contacts and spread the malicious application through further text messages.

The messages typically contain a link for the victim to click on to get details of a missed package delivery. This link will direct the victim to a fake website replicating the legitimate delivery companys site. The victim will then be asked to download two .apk files which are banking trojans. Users will then be prompted to manually override and allow an untrusted app download.

The following are examples of FluBot text messages:

Affected Products:

Android devices. Note: Apple devices are not currently affected by this malware.

Impact:

Data & financial loss

Recommendations:

If you receive a message as described above the NCSC advises:

  • DO NOT click on the link, and delete the message.
  • If you are expecting a delivery, check it through the companies official website.
  • If you have clicked on the link and installed the app – perform a factory reset on the device. (Note: If you do not have backups you will lose data).
  • When restoring backups do not restore from any backups created after you installed the malicious app as these will be infected.
  • Reset passwords on any accounts used after you installed the app. If you use the same passwords on other accounts, change these also.
  • Ensure that the Google Play Protect service is switched on.

Help support Cork Safety Alerts by becoming a member – Click Here

By Cork Safety Alerts News