FluHorse: New Android Threat Stealing 2FA Codes and Passwords

According to a recent report by Check Point Research, a new type of malware, named FluHorse, has been discovered. The malware comprises a cluster of Android apps that masquerade as genuine applications. Shockingly, the fake apps have already been downloaded by more than one million users. 

FluHorse is designed to steal personal information such as usernames, passwords, and 2FA codes. The malware is distributed through email, and it targets various sectors in the Eastern Asian market.

Diving into details

The attackers lay their bait through mimicked applications of well-established and trustworthy companies, as these apps are likely to draw financially capable customers.
  • Two such apps, ETC and Neo, both with over a million Google Play installs, were found infected with the FluHorse malware.
  • The developer's website for ETC APK claims that the application generates a staggering 16 million transactions per day and is used by more than six million individuals.
  • Experts have also noted the presence of other malicious dating applications, although they are yet to identify any corresponding applications that the malware is attempting to impersonate.

Phishing and bypassing 2FA

Once the victim enters their login information, it is transmitted to the C2 server under the control of the attackers. 
  • The malware then instructs the victim to wait while the information is being processed.
  • Meanwhile, it begins to intercept all incoming text messages, including any authentication codes sent for 2FA.
  • If the attackers have obtained the victim's login credentials or credit card details, they can utilize this information to bypass the 2FA and gain unauthorized access to the victim's accounts.
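For defenders, the SMS interception step described above leaves a visible trace: an app cannot read incoming texts without an SMS permission. The following is an added triage example, not code from Check Point or Cyware. It flags apps in a device inventory that hold SMS permissions and were not installed from Google Play; the inventory layout, the `com.example.*` package names, and the trusted-installer list are assumptions, and the manifests are constructed samples.

```python
import xml.etree.ElementTree as ET

NS = "{http://schemas.android.com/apk/res/android}"
SMS_PERMS = {"android.permission.RECEIVE_SMS", "android.permission.READ_SMS"}
SMS_ACTION = "android.provider.Telephony.SMS_RECEIVED"
TRUSTED_INSTALLERS = {"com.android.vending"}  # assumption: only Google Play is trusted

def manifest(pkg, perms, receiver_action=None):
    """Build a constructed, decoded AndroidManifest.xml for the sample inventory."""
    uses = "".join(f'<uses-permission android:name="android.permission.{p}"/>' for p in perms)
    rcv = (f'<receiver android:name=".Rx"><intent-filter><action android:name="{receiver_action}"/>'
           '</intent-filter></receiver>') if receiver_action else ""
    return (f'<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="{pkg}">'
            f'{uses}<application>{rcv}</application></manifest>')

# Constructed inventory: installer None means the APK was sideloaded (e.g. from an email link).
INVENTORY = [
    {"installer": None, "manifest": manifest("com.example.tollpay", ["INTERNET", "RECEIVE_SMS"], SMS_ACTION)},
    {"installer": "com.android.vending", "manifest": manifest("com.example.chat", ["RECEIVE_SMS"], SMS_ACTION)},
    {"installer": None, "manifest": manifest("com.example.notes", ["INTERNET"])},
    {"installer": None, "manifest": manifest("com.example.dating", ["READ_SMS"])},
]

def sms_capabilities(manifest_xml):
    """Return (package, SMS permissions requested, receivers bound to SMS_RECEIVED)."""
    root = ET.fromstring(manifest_xml)
    perms = {p.get(NS + "name") for p in root.iter("uses-permission")} & SMS_PERMS
    receivers = [r.get(NS + "name") for r in root.iter("receiver")
                 if any(a.get(NS + "name") == SMS_ACTION for a in r.iter("action"))]
    return root.get("package"), sorted(perms), receivers

def triage(inventory):
    """Flag apps that can read SMS and did not come from a trusted installer."""
    findings = []
    for app in inventory:
        pkg, perms, receivers = sms_capabilities(app["manifest"])
        if perms and app["installer"] not in TRUSTED_INSTALLERS:
            # A manifest receiver is the strongest signal. Receivers can also be
            # registered at runtime, so the permission alone still warrants review.
            findings.append((pkg, "high" if receivers else "review", perms))
    return findings

if __name__ == "__main__":
    for finding in triage(INVENTORY):
        print(finding)
```
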

The bottom line

Theft of personal information through malware is a serious problem that can lead to identity theft and financial fraud. Individuals and organizations must take proactive measures to safeguard against these threats. The FluHorse discovery underscores the importance of being vigilant when downloading apps, only using legitimate sources, keeping antivirus software updated, and exercising caution when opening emails from unknown sources. These measures can protect against the FluHorse malware and other similar threats.
Cyware Publisher