Android users face malware attacks from various malicious actors from time to time. Last year, we saw several malware programs like Alien, FakeSpy, and BlackRock target Android, trying to steal user data. Now, a security research firm recently discovered new malware that tricks Android users into downloading a threat program onto their smartphones using COVID-19 vaccine appointment messages.
TangleBot Malware on Android
Dubbed the TangleBot malware, it was recently discovered by CloudMark security researchers. It is similar to FluBot, which hit Android users earlier this year via the SMS system and uses the same technique to convince users to download a malicious program to gain full access to the user’s devices. However, unlike FluBot which convinced users to click a malicious link by saying they lost a package, TangleBot tries to convince them by saying they have a COVID-19 vaccination appointment.
Additionally, TangleBot threat actors posted links rumored to contain new COVID-19 regulations in an area to trick users into clicking on them. Once a user clicks the link, a web page appears indicating that the user has an outdated Adobe Flash Player. If the user opens the link to update the Flash player, the malware is installed on their Android device.
Once installed, the malicious program gains access to some of the core features of an Android device. And that includes device contacts, the ability to make phone calls and send messages, call logs, and internet capabilities. Furthermore, in addition to accessing software features, the malware can also use the cameras, microphones, and GPS capabilities of the affected Android device.
If you accidentally install the program on your device, the threat actors behind the TangleBot malware could steal your personal account information, make phone calls or text your contacts, or monitor your daily digital activities. In other words, it could make your life miserable and therefore it is very dangerous.
So, if you come across such a message in your inbox that claims to provide you with a COVID-19 vaccination appointment or to inquire about new COVID-19 regulations in your area, don’t click the link. Immediately delete the message from your Android device to keep it safe from TangleBot malware.