FluHorse malware attacks Android phones stealing personal data including passwords

By Nick Heyman On May 7, 2023

A “strain” of malware infecting Android devices called FluHorse has been discovered by Check Point Research (via BleepingComputer) The malware is disseminated via email and will steal credit card data, passwords, and even two-factor authorization (2FA) codes. The attacks have been spotted in Eastern Asia since 2022 and usually start with an email sent to a potential victim demanding that an immediate payment be made to clear up a problem with an account.

The email includes a link taking the victim to fake versions of legitimate apps. These phony apps include ETC, which is a toll-collection app in Taiwan, and Vietnamese banking app VPBank Neo, a banking app in Vietnam. The real versions of each app have over 1 million installs each from the Google Play Store. Check Point also discovered that a fake version of a real transport app with 100,000 installs is also being used, but this app was not named.

Apps mimicked by the FluHorse malware. Image credit Check Point Research

To hijack any 2FA codes sent, the three apps request SMS access. With 2FA, a user can open an app or website by typing in a password and a special code that is sent to the user’s phone by text. The fake apps copy the UIs of the real apps but don’t do much outside of collecting the user’s information including credit card data. Then, to make it appear as though some real processing is going on, the screen says “system is busy” for 10 minutes. What’s really happening is that 2FA codes are being stolen along with personal information.

How FluHorse works

According to Check Point, this is an active and ongoing threat to Android users and it is always best not to give away personal information like credit card numbers and social security numbers online. And just because this organized attack has been spotted in a different region of the world, it doesn’t mean that you should be lax when it comes to safeguarding your personal data.

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.