Swiss police help eliminate ‘FluBot’ malware in global operation
Switzerland and ten other countries have successfully prevented the rapid spread of the so-called FluBot malware, which infects Android mobile phones via text messages and steals sensitive data from devices, federal prosecutors say.
Since 2020, the FluBot malware has infected a huge number of devices worldwide. Law enforcement agencies in Europe attempted to bring down the group behind it, but the malware reportedly continued to spread especially across Spain, Finland, Germany, Britain and Japan.
On Tuesday, the Office of the Attorney General of Switzerland (OAG) confirmedExternal link that the aggressive malware had been “successfully eliminated thanks to international cooperation involving the Swiss law enforcement authorities and other partners”.
At the end of May, a large operation, led by Europol and the Dutch police together with numerous other law enforcement agencies, managed to stop the spread of the malware. The Swiss Federal Office of Police (Fedpol) and the OAG were directly involved as operational and strategic partners.
The Android malware had been spreading aggressively through SMS, stealing passwords, online banking details and other sensitive information from infected smartphones across the world, Europol saidExternal link.
FluBot was installed via text messages which asked Android users to click on a link and install an application to track to a package delivery or listen to a fake voice mail message. Once installed, the malicious application, which actually was FluBot, would ask for accessibility permissions. The hackers would then use this access to steal banking app credentials or cryptocurrency account details and disable built-in security mechanisms. The malware was able to spread due to its ability to access an infected smartphone’s contacts.
The OAG opened criminal proceedings in April 2022 against “unidentified perpetrators” on suspicion of unauthorised data procurement, unauthorised access to data processing systems, damage to data and computer fraud after a series of FluBot cases were reported between April and July 2021.
During the international operation coordinated by Europol, Dutch police were able to destroy the infrastructure and deactivate the malware strain. However, investigations aimed at identifying the suspected perpetrators are still ongoing, the OAG said.
In compliance with the JTI standards
More: SWI swissinfo.ch certified by the Journalism Trust Initiative
You can find an overview of ongoing debates with our journalists here. Please join us!
If you want to start a conversation about a topic raised in this article or want to report factual errors, email us at english@swissinfo.ch.