Use Safe Text to Combat TangleBot Malware Nightmare
Posted October 06, 2021
Written by John Shea III, Xpanxion Technical Writer
New Virus Weaves a Tangled Web of Dread in Android Phones
There’s a new bug in town and it’s called TangleBot. It digs deep into your Android phone and compromises on a lot of levels. It starts off with a text message about COVID-19 information in your area or telling you about your COVID-19 shot appointment. Once you click on it, it takes you to a place where it asks you to update your Adobe Flash. If you do, it will ask you to do several things as part of the update and then it’s got you, and got you bad.
Once in, the mobile and email security firm Cloudmark that recently detected Tanglebot says the malware can:
Make and block phone calls
- It will do this in the background, probably to high toll call areas on behalf of the hacker. If you try to call for help, it can stop your attempt.
Send, obtain, and process text messages
- This means it can spread to others’ phones in a text message that supposedly is from you. If it responds to text messages, the hacker can pretend it’s you and have malevolent conversations with friends, family, and business associates without you know it.
Record the camera, screen, or microphone audio or stream them directly to the attacker
- It will know what you look like, what you do and what you say, and with GPS, it will know where you are at all times.
Place overlay screens on the device covering legitimate apps and screens
- It can fake your regular bank account screen and copy your credentials, thus accessing the funds in your accounts.
Implement other device observation capabilities
- It can use all the apps on your phone without you knowing it.
Get Some Protection
How do you protect yourself from this new bug? Practice safe text. Only accept messages from source you know are safe. Do not provide your phone number to suspicious requesters. Do not click on suspicious links in text messages. Be careful with any apps you do download. Read the install instructions and prompts carefully. Look for information about rights and privileges the app might request. Be careful of obtaining any app from outside a certified app storer.
If you did get TangleBot and you managed to get rid of it, remember that the hackers can hold on to your financial information and other credentials and use it for their benefit at a later time. So the effects and consequences of TangleBot will linger a lot longer than when you had it.
The moral of all this: Be wary, and very careful with text message reception.
About Xpanxion - Solving business problems with technology. We are software product engineering experts with over 20+ years of experience delivering the technologies, software architectures, processes and people critical to delivering success. As a trusted partner, we focus on business solutions and alliances that provide end-to-end value to solving our customer’s problems. We focus on providing best-in-class solutions by developing custom solutions with modern technologies or by delivering industry recognized off the shelf solutions.
Expertise Solutions and Alliances Platforms and Technologies Industries
Media Contact: firstname.lastname@example.org