Security News > 2021 > September > New Android Malware Targeting US, Canadian Users with COVID-19 Lures
An "Insidious" new SMS smishing malware has been found targeting Android mobile users in the U.S. and Canada as part of a new campaign that uses SMS text message lures related to COVID-19 regulations and vaccine information in an attempt to steal personal and financial data.
Proofpoint's messaging security subsidiary Cloudmark coined the emerging malware "TangleBot."
"The malware has been given the moniker TangleBot because of its many levels of obfuscation and control over a myriad of entangled device functions, including contacts, SMS and phone capabilities, call logs, internet access, and camera and microphone," the researchers said.
Besides capabilities to obtain sensitive information, the malware is engineered to control device interaction with banking or financial apps using overlay screens and plunder account credentials from financial activities initiated on the phones.
Opting to update the software results in the installation of the TangleBot malware on the Android device.
"Even if the user discovers the TangleBot malware and it is able to remove it, the attacker may not use the stolen information for some period of time, rendering the victim oblivious of the theft."
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/onZZ-BuixwQ/new-android-malware-targeting-us.html
Related news
- PixPirate Android malware uses new tactic to hide on phones (source)
- Over 100 US and EU orgs targeted in StrelaStealer malware attacks (source)
- Vultur banking malware for Android poses as McAfee Security app (source)
- SoumniBot malware exploits Android bugs to evade detection (source)
- New Brokewell malware takes over Android devices, steals data (source)
- New 'Brokewell' Android Malware Spread Through Fake Browser Updates (source)