New Android malware TangleBot hides underneath COVID-19 SMS


Android Malware Uses COVID-19 Related Text Messages To Infect US And Canadian Users

New Android malware, “TangleBot,” hides under COVID19 SMS to infect smartphone users in the United States and Canada. The SMS malware that attracts Android users uses text messages related to the COVID19 vaccination program and regulatory announcements.

According to CBS News, security analysts have discovered the TangleBot malware to capitalize on COVID19 to steal data from its victims. ProofPoint’s executive vice president of cybersecurity, Cloudmark’s parent company, Ryan Kalember, revealed that the TangleBot virus has been infecting Android phones for “weeks” using such a pattern.

The head of Proofpoint also warned that the anger over the new malware is probably already “widespread.” Kalember also revealed that the malware infection begins with sending COVID19 text messages to Android users, specifically in the United States and Canada. For example, one of his Many posts talks about “new COVID-19 regulations in your area.”

New TangleBot malware hits US and Canada users

The SMS then ends with a link. Another version of the text indicates that your “third appointment for the COVID-19 vaccine has been scheduled. “Similar to the first, a link is also provided.

The link related to COVID-19 will instead redirect to a message that says Adobe Flash Player needs to be updated on the victim’s smartphone. According to The Hacker News, Cloudmark researchers gave the newly discovered Android malware the nickname “TangeBot” due to its ability to control various complex smartphone features, such as call logs, camera, microphone, SMS, and even Internet access.

Although the malware mainly steals information from its victims, the TangleBot could also access the interaction in their financial applications. The ability of hackers to record the interaction inside the device is made possible by the “overlay” screen. It allows attackers to create a fake window; it registers bank credentials.

Steals their financial apps

That said, the victims will be fooled into believing that their bank details are entered on the financial application. Therefore, the Android virus could go so far as to steal money from your bank accounts.

Kalember also warned that the TangleBot malware is difficult to remove from the infected device. In addition, information about victims stolen by malware could also help fund attackers even more. It is since hackers sell them in the growing personal data market.

Therefore, even if the attackers decide not to open your bank accounts. The personal information extracted is already worth something to hackers. Elsewhere, Android malware targets the US and Spanish users to steal their financial apps. Also, here is the list of apps to avoid on Android due to Joker malware.


Image courtesy of ThoughtbubbleTech/YouTube


Choosing my career as a content writer is my choice. I chose what I like, I only choose what I like to do.

Published by

Recent Posts

WhatsApp rolls out encrypted backups for data storages

WhatsApp is rolling out new end-to-end encrypted backups for data stored on Google Drive or…

10 mins ago

Queen Elizabeth health concern: Her Majesty advised to give up favorite drink

Queen Elizabeth loves to end her day with her favorite day, but she has been…

16 mins ago

‘Resident Evil 4’ canyon level remake appears in ‘Far Cry 5’

A fan-made canyon remake of Resident Evil happens in Far Cry 5. You can now…

17 mins ago