[ad_1]
A new malware called TangleBot was recently discovered attacking Android users in the United States and Canada. Experts said that this Android malware could gain access to users’ microphones, cameras, text messages, call logs, internet and GPS without their knowledge.
Cloudmark threat analysts called TangleBot “a smart and complicated new SMS malware attack.” It works around Android security features and exploits the vulnerability of users by tricking them into clicking a link through a text message using the COVID-19 information.
Android malware 2021: TangleBot uses COVID 19 information for attack
TangleBot sends two types of messages containing malware.
The first is the message saying, “New regulations regarding COVID-19 in your area”. The second is a message saying, “You have received the appointment for the 3rd dose (appointment for the vaccine). Both posts contain embedded links.
Clicking on these links would redirect users to the Internet. Users would be prompted to update their Adobe Flash Player, which includes files containing TangleBot.
Once installed, TangleBot would be difficult to detect and remove from the infected device.
Android malware: the TangleBot attack
Some users downloading the TangleBot would be notified of the user’s permission. The devices would request access to smartphone contracts, SMS, phone capabilities, call logs, internet camera, microphone, and GPS. Most of the time, these permissions would be overridden and automatically granted.
According to Cloudmark, hackers could use the infected device to:
- Make, record or block phone calls
- Send, get, or process text messages
- Record audio from the smartphone’s camera, screen or microphone and stream it directly to the attacker’s device
- Plant screens overlays on legitimate apps and screens to steal user data
- Implement other device observation capabilities.
Hackers often use TangleBot data to monetize user information. Malicious actors could use this information for bank fraud or other related schemes.
Read also: Stimulus Check Fourth Update: $ 1,400 Seniors Payment Gets Big Push, September Child Tax Credit Delayed
9 Ways to Prevent TangleBot Android Malware
To avoid falling victim to TangleBot, smartphone users should follow these steps:
- Be on the lookout for suspicious text messages. Hackers often use SMS phishing tactics.
- Keep your phone number private and share it only with trusted sources.
- Watch out for messages with warnings or urgent content. This is a popular fear tactic among hackers.
- Be careful with messages containing links or files. If possible, open them in a website browser instead.
- When you download content from the Internet, scan them regularly for viruses.
- Report SMS phishing and spam to 7726 (written as SPAM).
- Be careful giving permissions to newly opened apps.
- Do not respond to unsolicited business or commercial messages.
- Do not install apps or software outside of an app store or certified website.
ProofPoint executive vice president of cybersecurity Ryan Kalember told CBS News, “What makes TangleBot quite interesting right now is that they use some incredibly new decoys that all match the kind of stuff that we hear about in the news with COVID, whether we are talking about the booster or other things that you are likely to see on the front page of any news site you visit. “
So always watch out for suspicious internet content!
Associated article: Dogecoin Price Prediction: Dogefather Elon Musk Reveals ‘Super Important’ Feature To Increase Doge Value
[ad_2]
Source link