TangleBot Malware Reaches Deep into Android Device Functions

upnorth

Moderator
Verified
Staff member
Malware Hunter
Jul 27, 2015
4,483
46,136
An Android malware called TangleBot has weaved its way onto the cyber-scene: One that researchers said can perform a bouquet of malicious actions, including stealing personal info and controlling apps and device functions.

According to Cloudmark researchers, the newly discovered mobile malware is spreading via SMS messaging in the U.S. and Canada, using lures about COVID-19 boosters and regulations. The goal is to social-engineer targets into clicking on an embedded link, which takes them to a website. The site tells users they need an “Adobe Flash update.” If they click on the subsequent dialog boxes, TangleBot malware installs. In propagation and theme, TangleBot resembles other mobile malware, such as the FluBot SMS malware that targets the U.K. and Europe or the CovidLock Android ransomware, which is an Android app that pretends to give users a way to find nearby COVID-19 patients. But its wide-ranging access to mobile device functions is what sets it apart, Cloudmark researchers said.
 

LASER_oneXM

Level 37
Verified
Feb 4, 2016
2,591
14,592
TangleBot users a keylogger to steal information entered into websites - and it can monitor the location of victims, as well as secretly recording audio and video.
Dubbed TangleBot, the malware first appeared in September and once installed gains access to many different permissions required for eavesdropping on communications and stealing sensitive data, including the ability to monitor all user activity, use the camera, listen to audio, monitor the location of the device, and more. Currently, it's targeting users in the US and Canada.
 
Top