Bitdefender’s Mobile Threat researchers have warned about some newly discovered Flubot and Teabot campaigns. The researchers claim that since December 2021 they have intercepted over 100,000 malicious SMS messages which were aiming to distribute Flubot malware.
The researchers have said that they have observed that the attacks are more active in Germany, Spain, Poland, Australia, Italy and Austria, as well as newer countries in January such as Thailand, the Netherlands and Romania.
“We determined it was a TeaBot variant, and further investigation led to the finding of a dropper application in Google Play Store named the ‘QR Code Reader – Scanner App’, with over 100,000 downloads, that has been distributed 17 different TeaBot variants for a little over a month,” the researchers said in their detailed report.
The researchers also identified another trojan called Teabot, which is masquerading as ‘QR Code Reader – Scanner App’ on the Google Play Store. The Teabot trojan has been downloaded 100,000 times between December and January, delivering 17 different variants of the malware.
Hank Schless, Senior Manager of Security Solutions at Lookout said, “this incident is exemplary of the problems that the malware-as-a-service (MaaS) market creates for consumers and enterprises alike. This market has made malware and phishing kits incredibly accessible for even the least skilled threat actors. Usually, for a very small price, someone can go online and find one of these kits fully built and ready to be used. Once they acquire the kit, all the attacker needs to do is host it on a web domain then build a delivery mechanism. Most frequently, this mechanism is some form of message targeting mobile users because of the number of ways you can deliver a message to these devices via SMS, email, social media platforms, third party messaging apps, gaming and even dating apps.”
The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY
Follow Us
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
© 2015 – 2019 IT Security Guru – Website Managed by Calm Logic
This site uses functional cookies and external scripts to improve your experience.
Privacy settings
Privacy Settings / PENDING
This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.
NOTE: These settings will only apply to the browser and device you are currently using.
GDPR Compliance


You May Also Like

Fox News leaks 13 million internal records

Researchers have claimed that a misconfiguration has exposed millions of internal records,…