Security News > 2021 > September > New Android Malware Targeting US, Canadian Users with COVID-19 Lures
An "Insidious" new SMS smishing malware has been found targeting Android mobile users in the U.S. and Canada as part of a new campaign that uses SMS text message lures related to COVID-19 regulations and vaccine information in an attempt to steal personal and financial data.
Proofpoint's messaging security subsidiary Cloudmark coined the emerging malware "TangleBot."
"The malware has been given the moniker TangleBot because of its many levels of obfuscation and control over a myriad of entangled device functions, including contacts, SMS and phone capabilities, call logs, internet access, and camera and microphone," the researchers said.
Besides capabilities to obtain sensitive information, the malware is engineered to control device interaction with banking or financial apps using overlay screens and plunder account credentials from financial activities initiated on the phones.
Opting to update the software results in the installation of the TangleBot malware on the Android device.
"Even if the user discovers the TangleBot malware and it is able to remove it, the attacker may not use the stolen information for some period of time, rendering the victim oblivious of the theft."
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/onZZ-BuixwQ/new-android-malware-targeting-us.html
Related news
- TrickMo malware steals Android PINs using fake lock screen (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- Cyber crooks push Android malware via letter (source)