TangleBot Android malware is delivered through smishing and is currently targeting users in Canada and the US disguised as information about COVID-19 vaccination.
It is a fact that SMS messages have become a preferred attack vector to spread malicious software and infect mobile devices. Recently, Hackread reported the notorious FluBot SMS Android malware that targeted mobile devices across Europe and the UK.
Now, there is another Android malware on the block called TangleBot, which employs more or less similar tactics to gain control of the device- the problem is that it is far more invasive than FluBot.
TangleBot Causing Trouble for Android Users
According to Cloudmark and Proofpoint cybersecurity researchers, both of which reported the new SMS-based (SMishing) malware campaign involving TangleBot, when TangleBot is installed on a device, it gains access to several different permissions to eavesdrop on user communications.
The malware also steals sensitive data stored on the device and monitors just about every user activity such as camera usage, audio conversations, and location, etc. Furthermore, the malware takes full control of the targeted device, including accessing banking data and can penetrate the deepest corners of Android OS.
Who are the Targets?
At the moment, TangleBot is