Europol has disclosed news about the takedown of the fastest growing Android malware operation, FluBot. The botnet was infamous for stealing banking and cryptocurrency account credentials.

Details about the successful takedown 

The takedown of FluBot operation is a result of a law enforcement operation across 11 countries. It followed a complex technical investigation that led to pinpointing the bot’s most critical infrastructure.
  • The countries that participated in the takedown operation include Sweden, Australia, the Netherlands, Belgium, Hungary, Ireland, Spain, Switzerland, Finland, and the U.S.
  • Further, the Dutch Police claimed to have disconnected 10,000 victims from the FluBot network and stopped over 6.5 million spam SMS from reaching potential victims.
In March 2021, the Spanish police arrested four suspects who were then considered the main members of the FluBot operation, as the malware had mostly infected users in that region.

FluBot’s rapid infection

  • FluBot’s rapid proliferation was due to the fact that it abused the contact list of compromised devices to send SMS to all trusted contacts.
  • As everything happened in the background, the victims couldn’t spot anything unusual.


The cooperation of international police has successfully taken down the prominent FluBot. Further, its infrastructure is under the control of law enforcement, so there is no possibility of its return. It is a perfect example showing how law enforcement agencies can work together and stop such malicious threats at the international level.
Cyware Publisher