Cybersecurity analysts Proofpoint have discovered a strain of Android malware called TangleBot. This Trojan is capable of intercepting most of the smartphone’s functions. Once infected with this virus, the mobile device becomes the ideal spy and surveillance gadget, TechSpot reports .
According to the assurances of the researchers, TangleBot is sending SMS to users in the United States and Canada, which are disguised as a mailing list about the rules related to the COVID-19 coronavirus infection pandemic. Also, users receive messages related to a possible power outage. Such mailings encourage potential victims to follow the link to the site.
It indicates that an update to Adobe Flash is required. When interacting, users are faced with the fact that malware is downloaded to the smartphone. Attackers hope that naive people will not pay attention to the fact that Flash support was discontinued in December last year, while it has not been working on mobile devices since 2012.
If successful, TangleBot can fully penetrate the smartphone, gaining control over audio and video recordings from the microphone and camera, as well as the ability to view visited sites and gain access to a collection of stored passwords. In addition, the Trojan can extract data from SMS messages and any content stored on the device.
TangleBot can also grant permission to change device configuration parameters and allow attackers to view user location data. Additionally, the Trojan is able to block and make calls. A particularly dangerous strain of malware has become due to advanced behavior patterns, as well as the ability to transfer data and the procedure for decrypting strings for obfuscation.