The number of malware reports sent to the National Cybersecurity Center (NCSC) has exploded over the past week. Instead of a few, there were over 300. Android-based cell phones have been infiltrated in order to steal passwords and logins from users.
315 reports were received according to the NCSC. Otherwise it is only a handful. At the request of the Keystone-SDA news agency, Swisscom and Salt also confirmed that they had received several reports. However, the telecommunications providers did not want to give exact figures on attacks on their customers. According to Swisscom spokesman Christian Neuhaus, the attacks began on October 12th.
Millions of malicious messages
According to a report in the newspaper “Le Temps”, millions of malicious SMS messages have been sent in the past few days, apparently all in German.
Users reported SMS messages containing a link to a website similar to that of their mobile operator and asking them to download an Android application, the NCSC stated on its website.
“Flubot” since June 2020 in Switzerland
In the application, the “FluBot” malware penetrates the device in order to steal authentication passwords sent by SMS from banking applications. And the user may not even be aware of it as the malware can also delete notifications warning of a possible attack.
“FluBot” first appeared in Switzerland in June of last year. The malware lurks in the affected operating system and can hardly be removed completely. To get rid of them once and for all, the operating system must be completely reset, according to the NCSC.
Do not click on links
For its part, Salt tries to combat these malicious SMS messages by, among other things, blocking IP addresses. “Unfortunately, these change frequently,” said spokeswoman Viola Lebel.
In order to protect against these attacks, Salt and Swisscom recommend not to click on the link sent by SMS. And certainly not to install the software via the link received via SMS or another message platform, adds the NCSC. According to the center, however, hardly any user actually downloaded the software. (SDA / vof)