Android users face malware attacks from various malicious actors from time to time. Last year, we saw several malware programs like Alien, FakeSpy, and BlackRock that affected Android, trying to steal user data. Now, security research firm recently discovered a new malware that entices Android users to download a threat program on their smartphones using COVID-19 vaccine appointment messages.
TangleBot Malware on Android
Known as TangleBot malware, security researchers recently discovered it at CloudMark. It’s similar to FluBot, which reached out to Android users earlier this year via the SMS system, and uses the same technique to convince users to download a malicious program to gain full access to the user’s devices. Unlike FluBot, however, which persuaded users to click a malicious link by saying they missed a package, TangleBot tries to convince them by saying they have a COVID-19 vaccination appointment.
Moreover, TangleBot threat activists launched links that are said to contain new COVID-19 regulations in an area to entice users to click on them. As soon as a user clicks on the link, a web page appears stating that the user has an outdated Adobe Flash Player. If the user opens the link to update the Flash player, the malware is installed on their Android device.
Once installed, the malicious program gains access to some of the key functionalities of an Android device. And that includes device contacts, the ability to make phone calls and send messages, call logs, and internet functionalities. Moreover, instead of accessing software features, the malware gets the use of cameras, microphones, and GPS functionalities of the Android device concerned.
If you accidentally install the program on your device, the threat agents behind TangleBot malware may steal your personal account information, make phone calls or send messages to your contacts, or monitor your digital activities daily. That is to say, it could make your life miserable and therefore very dangerous.
So if you come across such a message in your inbox claiming to make you a COVID-19 vaccination appointment or informing you of the new COVID-19 regulations in your area, don’t click on the link. Delete the message from your Android device immediately to keep it safe from TangleBot malware.