/i/1277037256.png?fit=%2C&ssl=1)
The National Cyber Security Center has posted a list on Github containing the domain names used by the Flubot malware. The NCSC states that in this way organizations can check whether employees’ telephones are infected.
Last month Dutch police published another warning about misleading text messages that contained a link to the Flubot malware and now publishes the NCSC a list with the domain names used by Flubot on Github.
In the infamous text messages it is suggested that a postal package is on its way to the recipient. In addition, it links to an Android app that contains the so-called Flubot malware. This malware looks for contact, bank and credit card details to commit bank fraud. Once installed, the Flubot malware can also read and send messages and load phishing websites when a banking application is launched.
The Belgian telecom watchdog BIPT and the Center for Cyber Security Belgium warned against such text messages at the end of April. According to the latter two organizations, more than 9,000 Belgians had clicked on the link and downloaded the malware. Security researchers at Proofpoint already wrote a article about the method of FluBot.
–
