ACM EuroUSEC 2023

Lessons in Prevention and Cure: A User Study of Recovery from Flubot Smartphone Malware

Abstract:

The smishing-based malware Flubot was taken down in mid-2022, 
yet there is little understanding of how it directly impacted 
smartphone users. We engage with customers of a partner Internet 
Service Provider (ISP) who have suffered a Flubot infection on
their smartphones. We surveyed 87 ISP customers who had been 
notified of a Flubot infection, in the months around and preceding 
the take-down of Flubot. We found that slightly over half of 
respondents were unaware of the malware infection before being 
notified, though many others had suspicions. We also observe that 
just over half of respondents experienced non-technical harms from 
the malware, with many experiencing harms before notification and 
several experiencing unwanted or aggressive activity from users of 
other infected devices. Many respondents reported not having 
removed the malware, while some discarded the infected device or 
stopped using online services in their efforts to be more secure 
afterwards. We offer recommendations, including that clearer
guidance be sought to help users identify a malware infection
(rather than a focus only on prevention), and that support be
provided for recovery from personal harms caused by mobile malware,
as the impacts are not only technical.



BibTeX:
@inproceedings{Geers:EuroUSEC2023,
 author = {Geers, Artur and Ding, Aaron and Ganan, Carlos and Parkin, Simon},
 title = {Lessons in Prevention and Cure: A User Study of Recovery from Flubot Smartphone Malware},
 booktitle = {Proceedings of the 2023 European Symposium on Usable Security},
 series = {EuroUSEC '23},
 year = {2023},
 publisher = {ACM}
}

How to cite:

Artur Geers, Aaron Ding, Carlos Ganan, Simon Parkin. 2023. "Lessons in Prevention and Cure: A User Study of Recovery from Flubot Smartphone Malware". In Proceedings of the 2023 European Symposium on Usable Security (EuroUSEC '23).