Cybersecurity researchers discovered a new “FluHorse” Android malware that targets users via email, and threat actors use it to steal credit card information, passwords and even two-factor authentication codes (2FA) from unsuspecting victims.
The FluHorse malware spreads by attackers sending phishing emails to high-value targets, asking users to take immediate action to resolve a payment issue. If the user clicks on a link in the email, they download a fake app containing the malware disguised as a well-known, legitimate apps.
As reported by Check Point Research, FluHorse targets victims in multiple countries in Asia. Mimicked apps include toll-collection app ETC in Taiwan, banking app VPBank Neo in Vietnam and a transportation app, although its name wasn’t noted in the report. The real version of these apps have over 1 million downloads, meaning threat actors are taking advantage of the app’s popularity.
Once installed, the apps request SMS notification permission, which the hackers use to get any 2FA codes the victim receives in order to access private accounts.
The apps request for the user’s login credentials and credit card details. Once entered, the app displays a “system is busy” message, allowing the attackers time to gather data or intercept the 2FA codes. Check Point researchers provided a display of how the attack works.
The report states that the FluHorse malware has been traced back to May 2022. “Our analysis shows that these campaigns remain an ongoing threat as new infrastructure nodes and malicious applications appear each month,” Check Point Research notes.
With FluHorse still be an ongoing threat, it’s a good idea to stay aware and get help from one of the best antivirus software.
How to remove FluHorse malware on Android
The FluHorse Android malware is an ongoing threat that’s distributed by email, which means the first step in avoiding this malware is to beware of suspicious emails. Find out how to stop spam emails on Android to keep yourself safe.
If you have downloaded an app via an dodgy email link, and recognize any of the apps named above, here’s a way to get rid of dangerous apps on your Android device safely. For more ways, check out our guide on how to remove malware on Android.
Safely remove an app on Android
- On your Android, press the necessary buttons to turn off your device.
- Tap and hold the Power off icon.
- Press OK to reboot to safe mode. This will restart your device.
- Once restarted, head to Settings.
- Navigate to Apps.
- Select any suspicious apps you wish to remove.
- Tap Uninstall. Restart your device to go back to normal mode.
Clear cache on Android
Clearing your browser and app cache on your Android device will help minimize the effects of malware. Apps and browsers store your online activities, and malicious software like adware can use this to cause more harm. Clearing cache can also help clear up space on your Android, boosting the device’s performance.
- To clear app cache, head to Settings on your Android.
- Select Storage and choose Apps.
- Select an app.
- Tap Clear cache.
Many Android owners use Google Chrome as their default browser. Here’s how to clear cache in Chrome on Android.
- On your Android, open Chrome.
- Tap the three vertical dots in the upper-right corner.
- Select Settings.
- Tap Privacy and security.
- Select Clear browsing data.
- To just clear cache, uncheck Browsing history and Cookies and site data.
- Tap Clear data.
Use antivirus software to protect your device
Simply put, the best way to get rid of malware is to use the best antivirus software.
There are many free malware removal apps that will dispatch malicious software on your device, but it’s a good idea to make sure these tools are trustworthy, as hackers can also disguise these apps on the Google Play Store to deploy even more malware.
The best antivirus apps come with a suite of security features that can get rid of virus, malware, ransomware, spyware or any malicious software that burrows into your Android. Some antivirus software, such as Bitdefender, offers security subscriptions specifically for Android, making it a more cost-effective option for those that only need Android protection.
We also recommend free apps from known cybersecurity companies, including Avast One, AVG and Malwarebytes Mobile Security. These will detect and remove malware on your Android. Check out our thoughts on each antivirus below.