Login

Register

Login

Register

Computer Security: AndroCovid | Mirage News | #ios | #apple | #iossecurity | #cybersecurity | #infosecurity | #hacker



While we humans are still struggling with our own 21st century pandemic, Android devices have apparently had their own strain of flu in recent weeks: “FluBot” (aka “FakeChat”, aka “Cabassous”). This new Android malware started to spread in Europe. Once installed, it tries to steal login information like passwords, but also personal details and banking information. As a banking Trojan, it is ultimately trying to break into your bank accounts to steal your money. In parallel, it tries to spread to other victims via SMS sent from infected devices.

What’s interesting about FluBot is that just two clicks are enough to get your device infected. The first click opens a malicious web link, a bad email, a fake text message or a nasty WhatsApp notification pretending to come from a Telecom provider (with which you have no subscription), a package delivery service (when you’re not expecting a parcel), the local tax authorities, etc. And the second, disguised as a notification that you need to install an essential app (“Delivery manager”, “Your Telco invoices”, “Tax submission portal”) linked to that message, compromises your device. As with our famous clicking campaign (see our Bulletin article “The truth lies in the URL“), two clicks are enough to compromise your device, lose your personal data and, if the worst comes to the worst, have your banking details and money stolen!!!

Contrary to iOS devices, the underlying problem with Android devices is that AndroidOS allows you to install apps from any source, not only the central Google Play Store. Apple tightly restricts, controls and dictates which apps are permitted to propagate to iOS end-devices, whereas Google does not. Its policy is much more liberal, which leads to the problem of (malicious) app installation from (malicious) third parties. While there might be many other pros and cons, curation and centralisation come with security benefits…

So, once more, in order to protect yourself, your assets, your private and, consequently, also your professional life: STOP – THINK – DON’T CLICK! Be vigilant and suspicious. Watch out for dubious messages. Did you expect that message? Is it reasonable? Check the URL behind a link-to-be-clicked. Does it look fine, with a domain name (“cern.ch”, for example) related to the message? If in any doubt, just hold on. Either ignore or delete that message, or check with us at Computer.Security@cern.ch.

Of course, although Android devices are the focus here, “STOP – THINK – DON’T CLICK!” should be your general mantra when dealing with unexpected messages and weblinks. Protect your Windows, Linux and Apple devices! Protect your digital assets! Protect your digital life (“What do apartments and computers have in common“)!!!

/Public Release. This material comes from the originating organization and may be of a point-in-time nature, edited for clarity, style and length. View in full here.



Original Source link

Leave a Reply

Shqip Shqip አማርኛ አማርኛ العربية العربية English English Français Français Deutsch Deutsch Português Português Русский Русский Español Español

National Cyber Security Consulting App

 https://apps.apple.com/us/app/id1521390354

https://play.google.com/store/apps/details?id=nationalcybersecuritycom.wpapp


Ads

NATIONAL CYBER SECURITY RADIO

Ads

ALEXA “OPEN NATIONAL CYBER SECURITY RADIO”

National Cyber Security Radio (Podcast) is now available for Alexa.  If you don't have an Alexa device, you can download the Alexa App for free for Google and Apple devices.   

nationalcybersecurity.com

FREE
VIEW