Security News > 2021 > September > New Android Malware Targeting US, Canadian Users with COVID-19 Lures

An "Insidious" new SMS smishing malware has been found targeting Android mobile users in the U.S. and Canada as part of a new campaign that uses SMS text message lures related to COVID-19 regulations and vaccine information in an attempt to steal personal and financial data.

Proofpoint's messaging security subsidiary Cloudmark coined the emerging malware "TangleBot."

"The malware has been given the moniker TangleBot because of its many levels of obfuscation and control over a myriad of entangled device functions, including contacts, SMS and phone capabilities, call logs, internet access, and camera and microphone," the researchers said.

Besides capabilities to obtain sensitive information, the malware is engineered to control device interaction with banking or financial apps using overlay screens and plunder account credentials from financial activities initiated on the phones.

Opting to update the software results in the installation of the TangleBot malware on the Android device.

"Even if the user discovers the TangleBot malware and it is able to remove it, the attacker may not use the stolen information for some period of time, rendering the victim oblivious of the theft."

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/onZZ-BuixwQ/new-android-malware-targeting-us.html