Android Malware Uses COVID-19 Related Text Messages To Infect US And Canadian Users
New Android malware, “TangleBot,” hides under COVID19 SMS to infect smartphone users in the United States and Canada. The SMS malware that attracts Android users uses text messages related to the COVID19 vaccination program and regulatory announcements.
According to CBS News, security analysts have discovered the TangleBot malware to capitalize on COVID19 to steal data from its victims. ProofPoint’s executive vice president of cybersecurity, Cloudmark’s parent company, Ryan Kalember, revealed that the TangleBot virus has been infecting Android phones for “weeks” using such a pattern.
The head of Proofpoint also warned that the anger over the new malware is probably already “widespread.” Kalember also revealed that the malware infection begins with sending COVID19 text messages to Android users, specifically in the United States and Canada. For example, one of his Many posts talks about “new COVID-19 regulations in your area.”
New TangleBot malware hits US and Canada users
The SMS then ends with a link. Another version of the text indicates that your “third appointment for the COVID-19 vaccine has been scheduled. “Similar to the first, a link is also provided.
The link related to COVID-19 will instead redirect to a message that says Adobe Flash Player needs to be updated on the victim’s smartphone. According to The Hacker News, Cloudmark researchers gave the newly discovered Android malware the nickname “TangeBot” due to its ability to control various complex smartphone features, such as call logs, camera, microphone, SMS, and even Internet access.
New malware seizes on COVID-19 to target Android users
A new form of malware that experts are referring to as "TangleBot" is relying on interest in COVID-19 to trick Android users… https://t.co/Afi0gmpFYE #AndroidMalware #AndroidUsers #Covid19 pic.twitter.com/Srt8y6n8aM
— VPN Answers (@VpnAnswers) September 23, 2021
Although the malware mainly steals information from its victims, the TangleBot could also access the interaction in their financial applications. The ability of hackers to record the interaction inside the device is made possible by the “overlay” screen. It allows attackers to create a fake window; it registers bank credentials.
Steals their financial apps
That said, the victims will be fooled into believing that their bank details are entered on the financial application. Therefore, the Android virus could go so far as to steal money from your bank accounts.
Kalember also warned that the TangleBot malware is difficult to remove from the infected device. In addition, information about victims stolen by malware could also help fund attackers even more. It is since hackers sell them in the growing personal data market.
Therefore, even if the attackers decide not to open your bank accounts. The personal information extracted is already worth something to hackers. Elsewhere, Android malware targets the US and Spanish users to steal their financial apps. Also, here is the list of apps to avoid on Android due to Joker malware.
Image courtesy of ThoughtbubbleTech/YouTube