Flutter is one of the most popular frameworks for creating cross-platform applications that look and feel native. It offers many benefits for developers and users, such as fast performance, beautiful UI, and easy maintenance. However, Flutter is not immune to malware attacks that can jeopardize your data and privacy. In this article, we will introduce you to Fluhorse, a Flutter-based malware that can steal your data without you knowing, and show you how to protect your Flutter application.
What is Fluhorse and How Does It Work?
Fluhorse is a malicious Flutter package that can be embedded in any application. It regularly sends encrypted data packets to a remote server without the user’s knowledge or consent. The data packets can contain sensitive information such as passwords, credit card details, location, contacts, messages, and photos.
Fluhorse can also perform other malicious actions, such as downloading and executing further malware, displaying unwanted ads, redirecting the user to phishing sites, or locking the device until a ransom is paid.
How Did Fluhorse Emerge and Evolve?
Fluhorse was first discovered in May 2023 and has been downloaded over 100,000 times. In Southern Asia, it pretends to be an electronic toll system app and lures victims into entering their credentials. It also steals 2FA (two-factor authentication) codes by listening to incoming SMS and forwarding them to a website controlled by attackers.
What sets Fluhorse apart from other Android malware is its utilization of Flutter, an open-source SDK (software development kit) renowned among developers for its ability to build applications compatible with Android, iOS, Linux, and Windows platforms using a single codebase.
While previous instances of threat actors using Flutter for malware exist, such as MoneyMonger, they used Flutter for its cross-platform UI elements without carrying the actual malicious payload. The Fluhorse family represents a significant shift as it directly incorporates malicious components within the Flutter code.
This makes Fluhorse more difficult to reverse engineer and detect, as Flutter applications are notoriously challenging to analyze. Many researchers treat them as a black box, only analyzing those components that can be observed from the outside. Some employ dynamic instrumentation tools, which come with the complexities and risks of running malware in controlled environments. However, Fortinet researchers have successfully managed to reverse-engineer the Fluhorse malware entirely statically, without dynamic execution.
How Can You Protect Your Flutter Application from Fluhorse?
The best way to protect your Flutter application from Fluhorse is to refrain from using unknown or untrusted packages in your project. You should always check your packages’ source code and reviews and look for any suspicious or malicious code.
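One way to act on this advice, as an added example (not code from the original article or from Fortinet): a Python script that reads a Flutter project's pubspec.lock and lists every dependency that was not resolved from the official pub.dev registry or the SDK, so those get a manual source review first. The trusted-host list, the sample lockfile and its package names and hosts are assumptions constructed for illustration.

```python
import sys

TRUSTED_HOSTS = {"https://pub.dev", "https://pub.dartlang.org"}  # assumption

def parse_lock(text):
    """Flatten each entry under 'packages:' of a pubspec.lock into a dict."""
    packages, name, in_packages = {}, None, False
    for raw in filter(str.strip, text.splitlines()):  # skip blank lines
        indent = len(raw) - len(raw.lstrip())
        key, _, value = raw.strip().partition(":")
        if indent == 0:  # top-level section such as 'packages:' or 'sdks:'
            in_packages, name = key == "packages", None
        elif in_packages and indent == 2:  # a package name
            name, packages[key] = key, {}
        elif in_packages and name:  # a field of the current package
            packages[name][key] = value.strip().strip('"')
    return packages

def audit(text):
    """Return (package, reason) pairs that need a manual source review."""
    findings = []
    for pkg, f in sorted(parse_lock(text).items()):
        source, url = f.get("source", "unknown"), f.get("url")
        if source == "hosted" and url not in TRUSTED_HOSTS:
            findings.append((pkg, f"hosted on unofficial registry {url}"))
        elif source not in ("hosted", "sdk"):  # git, path, or unrecognised
            findings.append((pkg, f"{source} dependency from {url or f.get('path')}"))
    return findings

# Constructed sample lockfile; package names and hosts are hypothetical.
SAMPLE_LOCK = """\
packages:
  http:
    description:
      url: "https://pub.dev"
    source: hosted
  sms_helper:
    description:
      url: "https://pub.example.net"
    source: hosted
  toll_pay_widgets:
    description:
      url: "https://git.example.com/toll_pay_widgets.git"
    source: git
"""

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_LOCK
    print("\n".join(f"REVIEW {p}: {r}" for p, r in audit(text)))
```

Run it with the path to a project's pubspec.lock as the only argument; without an argument it audits the embedded sample.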
Additionally, you should use a reputable antivirus or anti-malware application on your device and scan your Flutter application regularly for signs of infection. The latest versions of the Flutter SDK and dependencies may also contain security patches and bug fixes.
If you suspect that Fluhorse has infected your Flutter application, you should immediately uninstall it from your device and contact the developer or the app store for assistance. You should also change your passwords and monitor your accounts for unauthorized activity.
Fluhorse is a severe threat to Flutter development and users and should not be taken lightly. By following these tips, you can ensure your Flutter application is safe and secure from this Flutter-based malware. If you need to improve your app's security, we have you covered. Our reliable developers can help you find and fix problems in your Flutter apps to avoid this malware. Start by discussing with us what your problem is with your Flutter apps.