It’s not surprising that the malware industry is using the pandemic to spread its own viruses. Both COVID and malware are infecting people in exponential numbers. The newest malware, TangleBot, targets Android users by pretending to be helpful messages about COVID. It’s one virus using another.
Cloudmark Warns Android Users About TangleBot Malware
The TangleBot malware hits Android devices in the U.S. and Canada with SMS messages about COVID. If the messages are successful at spreading the malware, it can send more text messages from the infected device, make and block phone calls, and perhaps the most frightening, overlay screens over apps.
Security firm Cloudmark discovered one fake message that read, “New regulations about COVID-19 in your region. Read here.” Another said, “You have received the appointment for the 3rd dose. For more information, visit …” Both are said to be sent from TangleBot.
The malware was named TangleBot because there are several levels of tangling up your device. It can even steal your financial credentials with the screen overlay function. This information can then potentially end up on the dark web.
This is cybercriminals taking advantage of a situation where people are vulnerable. People are either unsure about the virus or unsure about the methods to protect themselves. It makes them more likely to click on unsafe information. Sure, it’s advantageous for hackers, but it just makes it even more unethical, if that’s at all possible.
If you click on one of these malicious messages, it informs you that Adobe FlashPlayer needs to be updated. And, of course, FlashPlayer is long gone and certainly not being updated anymore. Instead of a FlashPlayer update, TangleBot is downloaded and installed.
This is where the TangleBot malware takes over your Android device, controlling your messages, phone, camera, screen, GPS, microphone, and more. Along with overlay screens covering your apps, it can also set up ways to watch the activity on your device.
How to Avoid Getting the TangleBot Malware
Smartphones give hackers an easy way to spread their phishing attacks, as we have our phones with us at all times and are likely less safe with them than our computers. We use them for so many social situations that spreading a phishing attack through social means, such as SMS messages, just becomes all too easy.
To avoid getting COVID, you need to socially distance, wear a mask, and get the vaccine. Cloudmark suggests doing the following to avoid getting TangleBot:
- Be wary of suspicious text messages
- Protect your mobile number
- Access links directly
- Report SMS phishing and spam messages
- Take care when installing apps
- Avoid responding to unknown texts
- Only install apps from legitimate app stores
To protect yourself further, check out our review of Emsisoft Anti-Malware, available for Windows and Android. Also check out Microsoft’s warning about the spike in cyberattacks of COVID data.