Miguel de Brooker, director of the Center for Cybersecurity Belgium (CCB), talks about the virus that was transmitted via fake SMS messages from BePost and which has infected thousands of smartphones in Belgium.
Initially the Bipost fake SMS scam was unfortunately a success for cyber criminals. A few days ago, at least 9,000 devices were infected with computer viruses.
Infected smartphones send hundreds of text messages every day
“Generally, a malware campaign infects 400 to 500 systems in our country,” said Miguel de Brooker, director of the Center for Cybersecurity Belgium (CCB), to our colleagues at Nieuwsblad. “In this case, there are already thousands who send hundreds of messages every day. Our telecom providers are also blocking millions.”
Why has this malware spread so quickly?
This malware (computer virus) is a fluobot, which uses “flu” in English for “flu” and “bot” for “robot”, as it spreads like a flu virus. That is, it infects users and in turn sends viruses to their contacts in an attempt to infect them. In the case of the Bipost scandal, Miguel de Bruyker explains this unfortunate success by the fact that it is SMS, as we are less skeptical about email. Then, if the SMS announces that it comes from BPost, our antitrust gauge falls even further.
The only way to click on the link
Once the malware hits the phone, it is done, all you have to do is reset the device to “fix” it. “This is no longer a common application, but rather a system service,” says De Brooker, who is still in Nieuwsblad. “So you can’t delete it.” Once intruded into the smartphone, the stream can make the appropriate SMS and send them automatically, as well as steal contacts. but that’s not all ! It can also display websites, specifically a screen similar to a banking service, hoping that the user trusts it and enters its information.
Are infected smartphones ready for an attack?
And as soon as this information is collected by the malware, it is too late, because it sends it to another infected device via a central server. All these smartphones infected with the BePost scam are called “botnets”, ie a set of infected devices that can function simultaneously. It can be used exclusively for DDoS attacks, ie very large connections of devices on the same server that become saturated and out of use.
Upcoming Corporate Data Theft?
For Miguel de Brooker, this method may also allow the theft of company data. “It seems that cyber criminals first want to make the botnet as large as possible, with a mechanism that continuously feeds the bot through these text messages,” analyzes the director of the CCB.
“Owners of botnets can then present it to criminal organizations for DDoS attacks or information theft. If you have access to thousands of smartphones, many are connected to corporate networks. In this way, you can search for information on internal networks Are. A botnet can also be used to distribute ransomware. ”
Ransomware is a computer virus that implicates data on a device and demands a ransom to return it, otherwise it will be destroyed or made public.
Analyst. Amateur problem solver. Wannabe internet expert. Coffee geek. Tv guru. Award-winning communicator. Food nerd.