That SMS message could be some seriously nasty Android malware

News
By
published

Don’t download and install APKs from the web

Tablet
(Image credit: Shutterstock)

Threat actors are using SMS text messages to spread a password-stealing malware that attacks Android devices, experts have warned.

Once installed, the malware, known as FluBot, will harvest authentication details and other personal details and sensitive information.

To make matters worse, the malware makes its way into a victim’s address book, and in worm-like fashion infects other devices by sending itself to all the contacts.

TechRadar needs you!

We're looking at how our readers use VPN for a forthcoming in-depth report. We'd love to hear your thoughts in the survey below. It won't take more than 60 seconds of your time.

>> Click here to start the survey in a new window<<

Third-party APKs

From an infected device, the malware sends a text message masquerading as legitimate, often pretending to have come from reputable companies such as DHL, Amazon, Asda, Argos and others.

The message includes a phishing link that requests recipients to download an app, distributed as an APK, in order to track their delivery. As you can imagine, the app is the password-stealing malware.

By default, Android blocks the installation of third-party APKs. This is why the website that hosts the APK also handholds users through the process of overriding that safety mechanism. Once installed, the app gets to work.

UK's National Cyber Security Centre (NCSC) has issued security guidance to help users identify the FluBot text messages, while network providers Three and Vodafone have also started relaying warnings about the malware to their users.

The NCSC further urges users who receive the FluBot messages to forward them to the free spam-reporting service (7726), before proceeding to delete the message.

According to reports, although the malware is currently known to only infect Android devices, the NCSC is also advising Apple users to pay close attention to text messages that ask them to click links about a delivery. 

While the APKs won’t install on iOS devices, the fear is that the fake delivery websites could also be used to siphon off personal information.

We’ve also rounded up the best ransomware protection tools

Via ZDNet

TOPICS
Mayank Sharma
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
An iPhone sitting on a wooden table
Millions at risk as malicious PDF files designed to steal your data are flooding SMS inboxes - how to stay safe
Malware worm
Coordinated global mobile malware campaign targets banking apps and cryptocurrency platforms
Android phone malware
This nasty Android malware is posing as the Telegram Premium app
Close up of a business person using a smartphone.
Watch out, malicious PDF files are being used again in phishing attacks
Android phone malware
Screen reading malware found in iOS app stores for first time - and it might steal your cryptocurrency
In this photo illustration a Google Play logo seen displayed on a smartphone.
Why is there so much spyware hidden in the Play Store?
Latest in Security
healthcare
Software bug meant NHS information was potentially “vulnerable to hackers”
A hacker wearing a hoodie sitting at a computer, his face hidden.
Experts warn this critical PHP vulnerability could be set to become a global problem
botnet
YouTubers targeted by blackmail campaign to promote malware on their channels
A close-up of a phone screen showing the Telegram, Signal and WhatsApp apps
Agentic AI has “profound” issues with security and privacy, Signal President says
botnet
Another top security camera maker is seeing devices hijacked into botnet
Bluetooth
Top Bluetooth chip security flaw could put a billion devices at risk worldwide
Latest in News
TCL QM7K TV on orange background
TCL’s big, bright new mid-range mini-LED TVs have built-in Bang & Olufsen sound
Homepage of Manus, a new Chinese artificial intelligence agent capable of handling complex, real-world tasks, is seen on the screen of an iPhone.
Manus AI may be the new DeepSeek, but initial users report problems
Google Maps
Nightmare Google Maps glitch is deleting timelines, and there isn't a fix yet
Twitter social media application change logo to X. Elon Musk CEO of twitter rebranded Twitter to &#039;X&#039;. Social media application technology concept.
X is down again – Elon Musk confirms 'massive cyberattack' as former Twitter site hit by fourth outage today
Joe Goldberg and Kate Lockwood sitting at a table and looking at the camera in You season 5.
Netflix releases a killer new trailer for You season 5 but my favorite character is missing from Joe's final chapter
Person using Dyson V8 vacuum
Dyson vacuums have one big problem and I don't understand why
More about security
botnet

YouTubers targeted by blackmail campaign to promote malware on their channels
A hacker wearing a hoodie sitting at a computer, his face hidden.

Experts warn this critical PHP vulnerability could be set to become a global problem
TCL QM7K TV on orange background

TCL’s big, bright new mid-range mini-LED TVs have built-in Bang & Olufsen sound
See more latest
Most Popular
TCL QM7K TV on orange background
TCL’s big, bright new mid-range mini-LED TVs have built-in Bang & Olufsen sound
A computer screen showing a spreadsheet in use.
This entire nation's public health department was found to be running on a single Excel spreadsheet
Person using Dyson V8 vacuum
Dyson vacuums have one big problem and I don't understand why
Glowing server racks inside a data center.
The dirty little secret about AI hardware that you should know about: server vendors have to wrestle with wafer thin margins and bigger customers
Joe Goldberg and Kate Lockwood sitting at a table and looking at the camera in You season 5.
Netflix releases a killer new trailer for You season 5 but my favorite character is missing from Joe's final chapter
Google Maps
Nightmare Google Maps glitch is deleting timelines, and there isn't a fix yet
botnet
YouTubers targeted by blackmail campaign to promote malware on their channels
A laptop on a desk with the Windows 11 background on its screen.
Microsoft is adding image editing and compression to its Windows Share feature - and I couldn't be happier
A screen shot from a promotional video showing the HealthBuds fitness tracking earphones from Synseer
These mysterious wireless earbuds claim to monitor your heart and hearing health simultaneously, but there’s a catch
Homepage of Manus, a new Chinese artificial intelligence agent capable of handling complex, real-world tasks, is seen on the screen of an iPhone.
Manus AI may be the new DeepSeek, but initial users report problems