According to PhoneArena , the FluHorse malware is distributed via email and will steal credit card data, passwords, and even two-factor authentication (2FA) codes. The attacks, which have been occurring in East Asia since 2022, typically start with an email sent to potential victims demanding immediate payment to fix account issues.
The email contained a link that took victims to fake versions of legitimate apps. These fake apps included ETC, a toll collection app in Taiwan, and VPBank Neo, a banking app in Vietnam. The official versions of each app had more than 1 million installs from the Google Play Store. Check Point also found a fake version of a real traffic app with 100,000 installs, but the company did not name it.
To hijack any 2FA codes sent, the three apps ask for SMS access. The fake apps replicate the user interface of the official apps but do little more than collect user information, including credit card data. Then, to make it appear as if a real process is taking place, the screen displays a message saying “system busy” for 10 minutes. But in reality, 2FA codes are being stolen along with personal information.
Check Point says FluHorse is an ongoing threat to Android users, so it’s best for users to avoid giving out personal information like credit card numbers and social security numbers online. Since this coordinated attack has been detected in several regions around the world , people need to be vigilant about protecting their personal data.
Source link
![[Photo] People eagerly lined up to receive special publications of Nhan Dan Newspaper](https://vphoto.vietnam.vn/thumb/1200x675/vietnam/resource/IMAGE/2025/8/30/53437c4c70834dacab351b96e943ec5c)
Comment (0)