Malware Investigation and Analysis for Cyber Threat Intelligence: A Case Study of Flubot Malware

  •  Uchenna J. Nzenwata    
  •  Frank Uchendu    
  •  Haruna Ismail    
  •  Eluwa M. Jumoke    
  •  Himikaiye O. Johnson    


Android operating systems have swiftly outpaced other operating systems (OS) in popularity, making them vulnerable to assaults since hackers are continuously looking for flaws to exploit. This is why several organisations have long been plagued by various types of mobile security threats. Utilizing a cyber-threat intelligence tool to evaluate, track, and prevent planned attacks is one crucial strategy to combat this effect. This paper discusses and investigates the FluBot malware, using the Dagah tool and Android Studio to phish, harvest and exploit malicious applications over SMS on Android devices. The Capability Maturity Model (CMM) was adopted and used for the investigation. The methodology adopted describes the operation of the FluBot malware through a cloned website, and demonstrates how FluBot is used to share a malicious link through the short message service (SMS), which is then used to grab a victim’s credentials. The outcome of the study displayed the information on the FluBot malware, including its source, domain, and destination. Similar malware analysis and assessments of cyber threat intelligence may be conducted using the techniques used in this study.

This work is licensed under a Creative Commons Attribution 4.0 License.
  • ISSN(Print): 1913-8989
  • ISSN(Online): 1913-8997
  • Started: 2008
  • Frequency: semiannual

Journal Metrics

WJCI (2022): 0.636

Impact Factor 2022 (by WJCI):  0.419

h-index (January 2024): 43

i10-index (January 2024): 193

h5-index (January 2024): N/A

h5-median(January 2024): N/A

( The data was calculated based on Google Scholar Citations. Click Here to Learn More. )