TangleBot Malware Reaches Deep into Android Device Functions

Threat Post - 

The mobile baddie grants itself access to almost everything, enabling , data-harvesting, stalking and attacks, among others.

An Android malware called TangleBot has weaved its way onto the cyber-scene: One that researchers said can perform a bouquet of malicious actions, including stealing personal info and controlling and device functions.

According to Cloudmark researchers, the newly discovered mobile malware is spreading via messaging in the U.S. and , using lures about boosters and regulations. The goal is to social-engineer targets into clicking on an embedded link, which takes them to a website. The site tells users they need an “Adobe Flash update.” If they click on the subsequent dialog boxes, TangleBot malware installs.

In propagation and theme, TangleBot resembles other mobile malware, such as the FluBot SMS malware that targets the U.K. and or the CovidLock Android , which is an Android app that pretends to give users a way to find nearby COVID-19 patients. But its wide-ranging access to mobile device functions is what sets it apart, Cloudmark researchers said.

“The malware has been given the moniker TangleBot because of its many levels of obfuscation and control over a myriad of

Read More: https://threatpost.com/tanglebot-malware-device-functions/174999/