
Cybersecurity researchers have shared the inner workings of an Android malware family called Fluhorse.

The malware “represents a significant shift as it incorporates the malicious components directly within the Flutter code,” Fortinet FortiGuard Labs researcher Axelle Apvrille said in a report published last week.

Check Point first documented Fluhorse in early May 2023, detailing its attacks on users located in East Asia through rogue apps masquerading as ETC and VPBank Neo, which are popular in Taiwan and Vietnam. The initial intrusion vector for the malware is phishing.

The ultimate goal of the app is to steal credentials, credit card details, and two-factor authentication (2FA) codes received as SMS, and to send them to a remote server under the control of the threat actors.
