Posted on September 26, 2021 at 5:59 PM
Threat actors are always looking for new ways to infiltrate networks and gain access to information from user devices. While some hackers use sophisticated software to gain access to these details, some use simple techniques that rely on internet users making mistakes that will lead to their data being compromised.
One of the recent techniques that threat actors are using is the TangleBot malware. This malware relies on the current situation with the Covid-19 pandemic to target victims. Those whose devices are compromised using this malware end up losing their personal information to the hackers.
The threat actors are luring users to install this malware on their devices by tricking them with details that are related to Covid-19. However, these hackers trick the users that the information is important and will help them navigate the occurrences of this global crisis.
Research has stated that the main target of these cyber attackers is the users of Android devices. The hackers gain access to their devices using phishing SMSs, which are now becoming a common occurrence.
The threat actors are gaining access to a wide range of details using this malware. Some of the information that they are giving users to gain access to their devices includes insurance plans, vaccination schedules, false advertisements and other important details that they believe a user would want to know.
How the TangleBot SMS Malware Works
The TangleBot malware is similar in terms of functionality to Flubot. The malware operates through smishing, which allows them to trick users and gain access to their android phones.
The TangleBot malware was created for several reasons, but one of its main goals is to access financial information and personal data. It achieves this by taking control over the device’s functionality, which then gives the attackers access to sensitive user details.
One of the strategies that the TangleBot malware uses to lure victims is to send them an SMS related to Covid-19. The SMS will include details related to Covid-19, and it will inform the user bout matters such as vaccination, new regulations related to Covid-19 and other information that they may regard as relevant.
If a user follows a link attached to the SMS, it takes them to another page that will require them to update their Adobe Flash Player. However, if a user goes ahead and gives the device a prompt to update the software, it will instead download the malware on their Android device. This will then leave the device prone to the attackers stealing sensitive information.
After the malware has been installed on the device, it will prompt the device to access permissions through the phone’s settings. If these permissions are granted, the device will record personal information and track a user’s activity on the device. The malware will also keep track of a user’s details and banking information that could later be used to defraud the victim.
How to protect yourself from the TangleBot Malware
For Android users to protect themselves from this malware, they need to practice basic online safety techniques. This includes being on the lookout for any messages or prompts that they receive from unknown senders regarding Covid-19.
The information mostly used to target people includes medical data that the attackers will disguise as being sent from a medical facility, insurance company or any other entity that deals in healthcare.
While a user can regard this SMS as harmless, it ends up compromising their devices and users are left prone to phishing attacks where their personal and financial data will be accessed by hackers who have ill intentions.
Another way of keeping this malware at bay is to ensure that you do not follow any link that has been sent on SMS, especially if the sender looks suspicious. If you want to gain access to specific information, it is safe to look for official communication with the agency you want to contact. You can also use certified online tracking apps that will keep you informed about everything related to Covid-19, such as vaccination, insurance and others.
It is also best practice for Android users to only download apps from Google Play Store. Prompts that require you to download apps outside of the Play Store should be avoided.