Police in 11 countries have cracked down on mobile phone fraud called FluBot, which has spread around the world through fake text messages, Dutch and EU police said on Wednesday.
Dutch cyber-police led an operation in May targeting malware that infects Android phones using texts that pretend to be from a parcel company or that say a person has a voicemail waiting.
Hackers would then steal bank details from infected phones that automatically sent messages to other mobile phones in the user’s contact list, transmitting the fraud as a flu virus.
“To date, we have disconnected ten thousand victims from the FluBot network and prevented more than 6.5 million spam text messages,” Dutch police said in a statement.
The EU police agency Europol said FluBot was among “the fastest spreading mobile phone malware to date” and could “spread like wildfire because of its ability to access the contacts of an infected smartphone.”
Police have made the evil program “inactive” but continue to hunt down the culprits, it said.
“This FluBot infrastructure is now under police control, halting the destructive spiral,” Europol said.
The countries involved in conducting the investigation were Australia, the United States, Belgium, Finland, Hungary, Ireland, Romania, Spain, Sweden, Switzerland, and the Netherlands, coordinated by Europol’s cybercrime center.
A spokesman for the Maltese police said Times of Malta that this fraud did not affect Malta, as the police would otherwise have been involved in the investigation.
FluBot has become one of the world’s most notorious cyber scams since it first appeared in December 2020, “causing chaos” around the world, Europol said.
The agency said the bug endangered “a large number of devices worldwide”, especially in Europe and the United States, with “major incidents” in Spain and Finland.
Australian media outlets said last year that FluBot was spreading “like a tsunami” with some users bombarded with texts.
Details of how police removed the fraud remain unclear, and officials say they don’t want criminals to know how they broke it.
Dutch police said a cybercrime team in the eastern Netherlands had demolished FluBot by “intervening and disrupting the criminal process”, without giving further details.
Europol said the removal did not involve removing any physical infrastructure such as servers, but also refused to say more.
“Dutch police have found another way to stop the criminal activity,” a Europol spokesman told AFP.
But FluBot’s method was simple, according to Europol and the Dutch police.
It would arrive “mainly by a fake SMS on behalf of a known parcel delivery service” or by saying that the user has a voicemail to listen to.
They would then be asked to click on a link to download an app from the parcel service to track a parcel, or listen to the voicemail.
But in fact FluBot would install the malware on their phones. The fake program would then ask for permission to access various other applications.
Hackers could then see their victims enter passwords for banking, credit cards or cryptocurrencies and steal from them, Europol said.
What made it “very dangerous” was its ability to access a phone’s contact list and then send fake texts to other phones.
“Victims often do not know that they have installed the malware. The further spread of the malware also occurs without the notice of the mobile phone user,” Dutch police said.
The scam only targeted phones with Google’s Android operating system. Apple’s iOS system has not been affected.
Freelance journalism costs money. Support the Times of Malta for the price of coffee.