Medusa Malware Joins Flubot’s Android Distribution Network
Flubot, the Android spyware that’s been spreading virally since last year, has hitched its infrastructure wagon up to another mobile threat known as Medusa.
That’s according to ThreatFabric, which found that Medusa is now being distributed through the same SMS-phishing infrastructure as Flubot, resulting in high-volume, side-by-side campaigns.
The Flubot malware (aka Cabassous) is delivered to targets through SMS texts that prompt them to install a “missed package delivery” app or a faux version of Flash Player. If a victim falls for the ruse, the malware is installed, which adds the infected device to a botnet. Then, it sets about gaining permissions, stealing banking information and credentials, lifting passwords stored on the device and squirreling away various pieces of personal information.