New Android Malware Lures Users to Click a Malicious Link Using COVID-19 Messages

Beware: New Android Malware Lures Users to Click Malicious Links in COVID-19 Messages

New Android Malware Lures Users to Click a Malicious Link Using COVID-19 Messages

Android users face malware attacks from various malicious actors from time to time. Last year, we saw several malware programs such as Alien, FakeSpy, and BlackRock affect Android, trying to steal user data. Now, a security research firm recently discovered a new malware that lures Android users to download a threat program on their smartphones using COVID-19 vaccine appointment messages.

TangleBot Malware on Android

Dubbed as the TangleBot malware, it was recently discovered by security researchers at CloudMark. It is similar to FluBot, which affected Android users earlier this year through the SMS system, and uses the same technique to convince users to download a malicious program to gain full access to the user devices. However, unlike FluBot that convinced users to click a malicious link by saying that they have missed a package, TangleBot tries to convince them by saying that they have a COVID-19 vaccination appointment.

Image: CloudMark

Moreover, the TangleBot threat actors sent links that were said to contain new COVID-19 regulations in an area to lure users to click them. Once a user clicked on the link, a webpage stating that the user has an outdated Adobe Flash Player pops up. If the user opens the link to update the Flash player, the malware gets installed on their Android device.

Once installed, the malicious program gains access to some of the core functionalities of an Android device. And that includes the device’s contacts, the ability to make phone calls and send messages, call logs, and internet functionalities. Moreover, other than gaining access to software features, the malware also gets to use the cameras, microphones, and GPS functionalities of the affected Android device.

If you accidentally install the program on your device, the threat actors behind the TangleBot malware could steal your personal account information, make phone calls or send messages to your contacts, or monitor your daily digital activities. In other words, it could make your life miserable and hence is very dangerous.

So, if you come across such a message in your inbox that claims to provide you with a COVID-19 vaccination appointment or inform you about the new COVID-19 regulations in your area, do not click the link. Delete the message from your Android device right away to keep it safe from the TangleBot malware.

Leave a Reply