A new malware called TangleBot was recently discovered attacking Android users in the United States and Canada. Experts said that this Android malware could access user microphones, cameras, SMS, call logs, internet and GPS without their awareness.
Cloudmark threat analysts called TangleBot a "clever and complicated new SMS malware attack." It works around Android security features and exploits user vulnerability by tempting them to click a link via text message using COVID-19 information.
Android Malware 2021: TangleBot Uses COVID 19 Information for Attack
TangleBot sends two types of messages laced with malware.
First is the message saying, "New regulations about COVID-19 in your region." Second is a message saying, "You have received the appointment for the 3rd dose (vaccine appointment)." Both messages have links embedded in them.
Clicking on those links would redirect users to the internet. Users would be prompted to update their Adobe Flash player, which includes files containing TangleBot.
When installed, TangleBot would be difficult to detect and remove from the infected device.
Android Malware: The TangleBot Attack
Some users downloading the TangleBot would be warned about user permission. The devices would ask for access to smartphone contracts, SMS, phone capabilities, call logs, internet camera, microphone, and GPS. Most of the time, these permissions would be overridden and automatically granted.
According to Cloudmark, hackers could use the infected device to:
- Make, record, or block phone calls
- Sent, obtain, or process text messages
- Record smartphone camera, screen, or microphone audio and stream it directly to the attacker's device
- Plant overlay screens that over legitimate apps and screens to steal user data
- Implement other device observation capabilities.
Hackers often use TangleBot data to monetize users' information. Malicious actors could use this information for banking fraud or other related schemes.
9 Ways to Prevent TangleBot Android Malware
To avoid falling victim to TangleBot, smartphone users should follow these steps:
- Be on the lookout for suspicious SMS. Hackers are often using text message phishing tactics.
- Keep your phone number private and only share it with trusted sources.
- Practice cautions with messages that have warnings or time-sensitive content. This is a popular scare tactic among hackers.
- Practice caution with messages that contain links or files. If possible, open them in a website browser instead.
- When downloading content from the internet, scan them regularly for viruses.
- Report SMS phishing and spam to 7726 (spells out as SPAM).
- Be careful giving permissions to newly opened apps.
- Do not respond to unsolicited enterprise or commercial messages.
- Do not install apps or software outside a certified app store or website.
Executive vice president of cybersecurity ProofPoint, Ryan Kalember, told CBS News "What is making TangleBot fairly interesting right now is that they are using incredibly fresh lures that all map to the sorts of things that we're hearing about in the news with COVID, whether we are talking about the booster or other things that you are likely to see on the front page of whatever news site you go to."
So always be careful of suspicious internet content!
Related Article: Dogecoin Price Prediction: Dogefather Elon Musk Reveals 'Super Important' Feature to Boost Doge Value