fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Finland Warns of Flubot Malware Heavily Targeting Android Users

Finland Warns of Flubot Malware Heavily Targeting Android Users

Finland’s National Cyber Security Centre (NCSC-FI) has issued a “severe alert” to warn of a massive campaign targeting the country’s Android users with Flubot banking malware pushed via text messages sent from compromised devices.

This is the second large-scale Flubot campaign that hit Finland this year, with a previous series of attacks SMS spamming thousands of Fins each day between early June and mid-August 2021.

Just as it happened over the summer, the new spam campaign also uses a voicemail theme, asking the targets to open a link that would allow them to access a voicemail message or message from the mobile operator.

However, the SMS recipients are redirected to malicious sites pushing APK installers to deploy the Flubot banking malware on their Android devices instead of opening a voicemail.

Targets using iPhones or other devices will just get redirected to other fraudulent and likely also malicious pages such as phishing landing pages attempting to phish their credit card details.

“According to our current estimate, approximately 70,000 messages have been sent in the last 24 hours. If the current campaign is as aggressive as the one in the summer, we expect the number of messages to increase to hundreds of thousands in the coming days. There are already dozens of confirmed cases where devices have been infected,” the Finnish National Cyber Security Centre said in the alert issued on Friday.

Also Read: Deemed Consent PDPA: How Do Businesses Comply?

“We managed to almost completely eliminate FluBot from Finland at the end of summer thanks to cooperation among the authorities and telecommunications operators. The currently active malware campaign is a new one, because the previously implemented control measures are not effective,” said NCSC-FI information security adviser Aino-Maria Väyrynen.

Android users who receive Flubot spam messages are advised not to open the embedded links or download the files shared via the link to their smartphones.

Be aware of malware spread by SMS

The #FluBot campaign has become active again, and the malware is being spread by SMS. Scam messages written in Finnish are being sent to tens of thousands of people in Finland.https://t.co/TRXQa5Jv9D— NCSC-FI (@CERTFI) November 26, 2021

Android banking malware goes global

This banking malware (also known as Fedex Banker and Cabassous) has been active since late 2020 and is used to steal banking credentials, payment information, text messages, and contacts from infected devices.

Also Read: 6 Types Of Document Shredder Machine Singapore Services

Initially, the botnet mainly targeted Android users from Spain. However, it has now expanded to target additional European countries (Germany, Poland, Hungary, UK, Switzerland) and Australia and Japan in recent months, even though the Catalan police reportedly arrested the gang’s leaders back in March.

After infecting an Android device, Flubot spreads to others by spamming text messages to stolen contacts and instructing the targets to install malware-ridden apps in the form of APKs. Last month, Flubot also began tricking its victims into infecting themselves using fake security updates warnings of Flubot infections.

Once deployed on a new device, it will attempt to trick victims into giving additional permissions and grant access to the Android Accessibility service, allowing it to hide and execute malicious tasks in the background.

It then takes over the infected device, gains access to the victims’ payment and banking info via webview phishing pages overlayed on top of legitimate mobile banking and cryptocurrency apps’ interfaces.

Flubot also exfiltrates the address book to the command-and-control server (with the contacts later sent to other Flubot bots for pushing spam), reads SMS messages, makes phone calls, and monitors system notifications for app activity.

Those who have infected their devices with Flubot malware are recommended to take the following measures:

  • Perform a factory reset on the device. If you restore your settings from a backup, make sure you restore from a backup created before the malware was installed.
  • If you used a banking application or handled credit card information on the infected device, contact your bank.
  • Report any financial losses to the police.
  • Reset your passwords on any services you have used with the device. The malware may have stolen your password if you have logged in after you installed the malware.
  • Contact your operator, because your subscription may have been used to send text messages subject to a charge. The currently active malware for Android devices spread by sending text messages from infected devices.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us