Android users occasionally face malware attacks by various malicious actors. Last year, we saw several malware like Alien, FakeSpy, and BlackRock affect Android by trying to steal user data. The security research company recently discovered new malware that entices Android users to download a threat program to their smartphones using COVID-19 vaccine scheduling messages.
TangleBot malware on Android
Named the TangleBot malware, it was recently discovered by security researchers at CloudMark. It is similar to FluBot, which earlier this year affected Android users via the SMS system, and uses the same technique to persuade users to download malware in order to gain full access to user devices. However, unlike FluBot who persuaded users to click a malicious link by saying they missed the package, TangleBot is trying to convince them by saying they have a vaccination against COVID-19 scheduled.
Moreover, TangleBot threat actors have sent links that are said to contain new regulations on COVID-19 in the area to entice users to click them. After the user clicks on the link, a web page will appear saying that the user has an outdated Adobe Flash Player. If a user opens a link to update the Flash player, the malware is installed on their Android device.
After installation, the malware gets access to some of the basic functions of the Android device. This includes device contacts, the ability to make phone calls and send messages, call logs, and Internet features. Moreover, in addition to accessing software features, malware can also use the cameras, microphones, and GPS functions of the affected Android device.
If you accidentally install the app on your device, the threat actors behind the TangleBot malware could steal your personal account information, make phone calls or send messages to your contacts, or monitor your daily digital activities. In other words, it could make your life miserable and therefore very dangerous.
Therefore, if you come across such a message in your inbox claiming to give you an appointment for vaccination against COVID-19 or notifying you of new regulations against COVID-19 in your area, do not click the link. Delete the message from your Android device now to protect it from TangleBot malware.