Home » Android Phone Users, Be Aware of a New Covid Malware Text Message Sent To You
Android Phone Users, Be Aware of a New Covid Malware Text Message Sent To You

Android Phone Users, Be Aware of a New Covid Malware Text Message Sent To You

.COM for just $5.98 at Namecheap

This content was originally published here.

If you’re an Android user and you get one of these two text messages about COVID, don’t click on it.

Android users are getting targeted by a new malware known as “TangleBot,” according to the mobile and email security company Cloudmark. As CBS News reported on Sept. 23, TangleBot is being sent to Android users in the U.S. and Canada by one of two text messages: one message claims to have the latest COVID guidance for their area, while the other informs them that their third vaccine dose has been scheduled, and both include a link.

Neither of these messages are valid, and if a user clicks on the link attached to the texts, they will be prompted to update their phone’s Adobe Flash Player. However, the “update” will instead download the malware onto your Android.

“They are using incredibly fresh lures that all map to the sorts of things that we’re hearing about in the news with COVID, whether we are talking about the booster or other things that you are likely to see on the front page of whatever news site you go to,” Ryan Kalember, the executive vice president of cybersecurity at Cloudmark’s parent company ProofPoint, told CBS News.

If this malware gets downloaded onto your phone, your information may be compromised.

If you accidentally download the TangleBot malware to your phone, scammers can become privy to a lot of your stored information. “The TangleBot malware can do a ton of different things,” Kalember said. “It can access your microphone, it can access your camera, it can access SMS, it can access your call logs, your internet, [and] your GPS so it knows where you are.”

Fortunately, users are typically warned by their phone before they attempt to download the malware. According to CBS News, Android users are warned about the dangers of downloading software from “unknown sources” and a series of permission boxes are displayed before your phone is infected with TangleBot.


Unfortunately, you likely won’t realize the malware is on your phone once it’s downloaded.

Once the malware is on your phone, it’s practically unrecognizable since Tanglebot has the capability of showing hacked users an overlay screen that looks like what they’re used to seeing, while a fake window is being run by hackers to steal your information, according to Kalember.

For instance, you might think you are logging onto your mobile banking site, but you could actually be typing your information onto a hidden screen that is being monitored by hackers. “I would hope that [users] would remember the Adobe Flash prompt but after that, they probably won’t see very much from TangleBot,” Kalember told CBS News. “Like most pieces of mobile malware, it is relatively stealthy in terms of its appearance.”

The malware can be hard to remove from your Android.

According to Cloudmark, hackers have been using TangleBot for weeks now, so they predict its reach could be “very widespread” at this point. And once the malware is installed on a device, “it is pretty hard to remove it,” Kalember warned.

Cloudmark is advising users not to respond to any unsolicited commercial messages and refrain from clicking on any link provided in text messages, as hackers are “increasingly using mobile messaging” to attack smartphone users. “[It’s] exploiting the user’s vulnerability,” Kalember told CBS News. “You are basically being tricked into installing the attacker’s code.”

This content was originally published here.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top