Trojan

FluBot

First seen: 2020-12 • Status: disrupted

Disrupted by Law Enforcement

FluBot spread through fake package delivery texts. If you clicked the link and installed the app, it would steal your banking info. Police shut it down in 2022.

Overview

FluBot was an Android banking trojan that spread via SMS phishing disguised as package delivery notifications. It was taken down by law enforcement in 2022.

Also Known As

Fedex Banker, Cabassous

How It Spreads

  • SMS phishing (smishing)
  • Fake delivery notifications

What It Does

  • Stole banking credentials
  • Intercepted SMS
  • Spread via contacts

Is your business exposed?

Target Platforms

Android

Detection Tips

  • Be suspicious of delivery SMS with links
  • Check app sources

MITRE ATT&CK Techniques

T1417, T1411, T1582

If You're Infected

  1. 1.

    Factory reset device

  2. 2.

    Notify contacts who may have received spam

Related Malware

Teabot, Cerberus

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices