Dangerous new text on Android phones lets hackers in – don’t tap it
HACKERS are targeting Android smartphones by sending texts to victims with phoney offers of free software.
According to cyber security experts, clicking the link grants the attackers access to your phone – and possibly your online banking credentials.
The campaign was unearthed by MalwareHunterTeam, a group of researchers who help consumers identify cyber-attacks.
They told tech website Bleeping Computer last week that the dodgy texts are a form of SMS phishing (smishing).
Phishing attacks lure victims to a website that appears to be operated by a trusted entity, such as a bank, social media platform or other service.
The website, however, is phoney with fake content designed to persuade a victim to enter sensitive information, like a password or email address.
According to MalwareHunterTeam, the latest campaign sends out SMS texts asking the recipient if they intended to upload a video from their device.
When the recipient clicks on the included link, they're taken to a fake web page asking them to install a phoney Flash Player app.
Flash Player was a piece of software used to stream and view video that was killed off by developer Adobe in 2020.
Users who tap to download the fake Adobe app inadvertently install malware onto their device, researchers said.
It's the latest iteration of a dangerous type of malware called "FluBot" that swept across the globe last year.
Hackers infect devices with FluBot by sending out thousands of SMS messages containing links to a malicious URL.
When a recipient taps the link, they're encouraged to install a seemingly innocuous app onto their device.
The app, however, is FluBot in disguise. Once downloaded onto your phone, it harvests your contacts and begins sending them malicious links over SMS.
To lure people into tapping the URLs, texts are usually disguised as security updates, software, or parcel delivery notices.
Once in the device, FluBot can harvest your online banking credentials, take screenshots, and send or intercept SMS messages.
Because it uses the victim's gadget to send smishing messages to their contacts, FluBot usually spreads at a lightning pace.
If you suspect you've been infected, you should contact your bank to check whether there has been any suspicious activity on your account.
You should also change all of your online passwords, as they may now be in the hands of hackers.
It's recommended that you perform a factory reset of your phone to rid it of the malware.
Android users should avoid installing apps from third-party websites to protect themselves from dodgy downloads.
It's especially important to only install apps from well-known brands, such as Adobe, from trusted locations.
In other news, scientists are embarking on a mission to unravel the mystery behind dozens of grisly child mummies buried in an underground tomb in Sicily.
Police have caught an Italian mafia henchman who'd be on the run for 20 years after spotting the fugitive on Google Maps.
One of the best-preserved fossils ever found has confirmed that young dinosaurs burst from their shells just like baby birds.
And, an eagle-eyed Reddit user has spotted a $2billion flying stealth bomber on Google Maps.
We pay for your stories! Do you have a story for The Sun Online Tech & Science team? Email us at email@example.com