Europol announced the takedown of the infrastructure of FluBot, a piece of SMS-based Android malware designed to steal passwords, online banking details and other sensitive information from infected devices.
In May, the malware’s infrastructure was disrupted by the Dutch Police (Politie), rendering this strain of malware inactive. According to the Dutch police, they have disconnected ten thousand victims from the FluBot network and prevented over 6.5 million spam SMS messages from reaching prospective victims.
In March 2021, the police in Spain arrested four suspected members of the FluBot criminal group thought to be behind a massive smishing scheme that targeted tens of thousands of victims with malicious links impersonating banks with the goal of stealing victims’ credentials and money.
At this time, no arrests have been announced in connection with the FluBot malware.
In a separate effort, the Federal Bureau of Investigation (FBI) has seized the internet domains - weleakinfo[.]to, ipstress[.]in, and ovh-booter[.]com - that were used by threat actors to sell stolen personal information or conduct DDoS (distributed denial of service) attacks against victim networks.
The WeLeakInfo website offered a subscription service to its customers that allowed them to access personal information (names, email, passwords for online accounts, etc.) obtained via data breaches, while the two other sites provided DDoS-for-hire services.