This is a new malware that, via SMS, and taking advantage of the Covid theme, attacks the devices of Android users.
The malware that uses Covid to attack Android users
The alarm comes from the researchers https://www.proofpoint.com/uk/blog/threat-insight/mobile-malware-tanglebot-untangledProofpoint, who observed a new malware campaign called TangleBot. This one, which targets Android users, uses themes such as COVID-19 to persuade victims to click on dangerous links and install the malware.
The links come off SMS, typically in the form of information for Covid vaccinations. It would be a real digital virus that exploits the real virus. For now, the only reports concern American and Canadian users. However, we should not let our guard down in Europe.
Once installed, the pallows cybercriminals to obtain various access permissions. Through these it is able to track communications and steal sensitive data, obtain data relating to the user’s activity. It may even have access to our audio, track device location and more.
TangleBot, while sharing some similarities with malware Medusa, has some key distinguishing features. It is the latter that make it particularly dangerous, such as its advanced behaviors and transmission capabilities. Perhaps the most dangerous feature of TangleBot is the use of a string decryption routine as part of its obfuscation.
Read our useful tips to avoid falling victim to phishing.