Malware Investigation and Analysis for Cyber Threat Intelligence: A Case Study of Flubot Malware


  •  Uchenna J. Nzenwata    
  •  Frank Uchendu    
  •  Haruna Ismail    
  •  Eluwa M. Jumoke    
  •  Himikaiye O. Johnson    

Abstract

Android operating systems have swiftly outpaced other operating systems (OS) in popularity, which makes them vulnerable to attacks, since attackers are continuously looking for flaws to exploit. As a result, many organisations have long been plagued by various types of mobile security threats. Using a cyber threat intelligence tool to evaluate, track, and prevent planned attacks is one crucial strategy for countering these threats. This paper investigates the FluBot malware, using the Dagah tool and Android Studio to carry out phishing, harvesting, and exploitation with malicious applications over SMS on Android devices. The Capability Maturity Model (CMM) was adopted for the investigation. The methodology describes how the FluBot malware operates through a cloned website, and demonstrates how FluBot shares a malicious link through the short message service (SMS), which is then used to grab a victim’s credentials. The results of the study show information about the FluBot malware, including its source, domain, and destination. The techniques used in this study may be applied to similar malware analysis and cyber threat intelligence assessments.



This work is licensed under a Creative Commons Attribution 4.0 License.
  • ISSN(Print): 1913-8989
  • ISSN(Online): 1913-8997
  • Started: 2008
  • Frequency: semiannual
