The FluBot virus: is it Android's COVID?

By Ash Klemm >>

THE Android malware called the FluBot virus is still spreading throughout South East Queensland and Australia, with people reporting up to 10 messages a day from random numbers. 

But, FluBot doesn’t just send annoying messages. It also steals passwords and login information to your online accounts, personal details, and banking information.

FluBot uses the data to steal your money, take over your accounts and perform online identity theft while sending SMS messages to new victims to spread itself further. All without the users’ knowledge. 

FluBot has so far been detected mainly in South East Queensland. However, it is likely to spread to the rest of Australia, as it has in Europe and the States.  

How the FluBot virus works 

An infected device sends an SMS message that contains a phishing link. The message claims the user has a missed call or has a new voicemail. 

The message provides a link to retrieve the voicemail or see who the missed call was from. Following the provided link will take you to a web page displaying a trusted brand (like Telstra or Optus) and prompt you to install an app to listen to the voicemail message. If you permit the install, the Flubot malware will be loaded on your phone.  

Once downloaded, FluBot, asks for accessibility permissions. If granted, it gives itself more extensive app permissions and becomes a system app. Then it wreaks havoc.

How to remove FluBot virus

Although many companies have offered ways to remove FluBot, they can be tricky, with no guarantee they work. The safest and surest way to remove the FluBot virus is to do a factory reset on your phone, which erases the malware. Here’s how you do a factory reset.

Remember, restoring any recent backup may restore the malware if your data was backed up while the malware was installed. Be sure to use a backup that is dated earlier than when you think you got FluBot.

After you’ve removed the malware/virus from your phone, change your passwords as a precaution. Do not change your passwords before removing FluBot.

Remember: A factory reset on your phone will delete everything, including photos, phone numbers, apps.

How to stay safe from FluBot and other mobile malware  

Mobile phones are not immune to online threats. Malware, phishing, unsafe networks, and other threats for mobile phone users also exist.

FluBot is just one of the newest threats out there. Here are a few things you can do to protect your mobile phone and digital life on the go.

Use antivirus for mobile devices: 

Malware targeting mobile devices is becoming increasingly common. A quality antivirus for mobile phones will help keep your data safe and warn you of any nefarious software. A lot of anti-virus companies offer bundle deals for PCs and mobile phones.

Don’t open suspicious links:

Stop and think critically about the message and the link, if you think it could be malware, contact the sender via a phone call before clicking any link. Mobile devices are used on the go, making it easier to fall for phishing scams, because we aren’t always paying attention. Remember, no reputable company or authority will ask for personal information through email or SMS.  

Avoid shady apps:

While there’s no unambiguous way to tell a suspicious app from a genuine app, start by thinking about what you use it for. If it’s not necessary, there’s no point in getting it.

If it doesn’t work for you, delete it immediately. In the case of voicemail, your phone can do that; you don’t need a separate app for it.

Don’t download apps from unofficial app stores. It’s not a good idea to enable the 'Install from Unknown Sources' option.



About the author, Ash Klemm

Ash Klemm is Surety IT' s business development manager and senior relationship manager, with more than 20 years experience in sales and marketing. But it is his curiosity and natural problem-solving abilities that make him the perfect first call for all Surety IT's new customers, to help determine what is wrong, how Surety IT can help and what the best solutions are moving forward.


Contact Us


PO Box 2144