According to Check Point Research, these malicious apps are designed to extract sensitive information, including user credentials and Two-Factor Authentication (2FA) codes.
FluHorse malware: How is it distributed?
According to the report, FluHorse attacks start with targeted and malicious emails sent to high-profile individuals, urging them to take immediate action to resolve an alleged payment issue.
Usually, the target is directed to a phishing website through a hyperlink included in the email. Once there, they are prompted to download the phoney APK (Android package file) of the fake application.
Moreover, the email lures serve as an effective social engineering tactic and are consistent with the supposed intent of the malicious APK (like paying tolls) installed afterward.
To achieve the objective, assessing Flutter-based applications requires additional intermediate steps compared with analyzing pure Android apps.
- Disable applications that have administrator privileges
- Reset the system to its default state
- Install the latest software updates
- Check the data usage of various applications
- Check the battery usage of various applications