METACERT
Published in

METACERT

Facts about FluBot malware and why criminals targeted Australia

“FluBot is spreading via SMS messages from other mobile phone numbers, which makes it incredibly hard to block from a telco perspective”

Gizmodo and others.

This is a myth. There’s nothing new or different about the FluBot SMS phishing messages hitting Australia today, and the phishing messages reported in March 2020.

Cybercriminals started to target mobile subscribers in Australia with FluBot because they know operators are unable to stop their SMS phishing scams — it’s that simple. Telstra reported the same type of SMS phishing attacks in March 2020. Other nuances exist but I’d like to keep this article as simple as possible.

FluBot doesn’t spread, SMS phishing messages spread. Stop the SMS messages and we stop FluBot.

FluBot can only be downloaded via an SMS phishing message:

a) directly from cybercriminal’s message, or

b) a message sent from an infected handset.

  1. FluBot cannot automatically infect a mobile device, computer, or computer network.
  2. FluBot cannot spread across a mobile network.
  3. FluBot cannot spread across a corporate network.
  4. Anti-malware solutions are ineffective and unreliable because FluBot automatically rotates URLs inside SMS messages to avoid detection.
  5. To stop FluBot, subscribers must be protected from SMS phishing messages.
  6. The protect subscribers from SMS phishing messages we must make it easy for them to spot a scam before they tap “download”.
  7. To stop every malicious URL, we need to change our entire approach to Internet Security. We need to change to a “Zero Trust” strategy for SMS — assume every URL on the Internet is dangerous, unless verified.
  8. A “Zero Trust SMS” strategy requires the verification of tens of billions of URLs.
  9. SMS Firewalls are not designed to authenticate verified URLs, so they can’t implement a Zero Trust strategy.

Here’s a real demo of how MetaCert addresses SMS phishing:

If you’re interested in SMS phishing you might enjoy the following articles:

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Paul Walsh

Paul Walsh

MetaCert CEO. Passionate about Cybersecurity, Blockchain, Crypto, Snowboarding & Red Wine. Part of the AOL team that launched AIM. Co-founded 2 W3C Standards.