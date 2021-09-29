The COVID-19 pandemic has affected in ways that go beyond the physical and mental health aspects. For example, in the United States, false or automated calls during the first 5 months of 2021 reached 22 million. Likewise, cyber attacks have multiplied, with hackers taking advantage of the situation. With all this situation, a new malware called TangleBot appears and it affects Android devices.

Its method of propagation is through SMS, sending messages with links that claim to have new information about COVID-19.

SMS and Flash Player update, the modus operandi of the new TangleBot malware

The SMS platform is still active and is still useful for those times when the mobile network is down. However, it is also noteworthy that SMS messages are much more used by older people. This is precisely what the creators of the new TangleBot malware take advantage of for the success of their purposes on Android devices. Something that may be assuring them of a really accelerated spread, like the same COVID-19 that they claim to report.

Image source: Tech Republic.

The alert was raised by the security firm Cloudmark, indicating that there are several models of messages that are sent. Some say that there are new biosecurity regulations for COVID-19 and others that you have been selected for a third dose.

Image source: Tech Republic.

What all the messages have in common is that they are accompanied by a link that, when you follow it, will indicate that you must update Adobe Flash Player. When you accept, what actually gets installed is TangleBot.

However, this is a point worth considering because Adobe ended support for Flash Player in December 2020. So if for any reason you get a notification like this, you should know that it is false.

What does TangleBot do?

We already know that the new TangleBot malware spreads via SMS and infects when installed by pretending to be Adobe Flash Player. After this, the first function of TangleBot is to continue spreading, that is, to send more SMS messages from your device to your contacts. On the other hand, malware can have access to various sections of your computer such as the camera, microphone or the screen.

However, it can get a lot worse because you also get access to the window overlay. In that sense, TangleBot has the ability to look at everything you do on your smartphone and therefore steal information.

To avoid being infected with this type of malware, we must be attentive to details such as installation requests. If we receive a link and visit it, we must not accept any type of request that the page throws up. Likewise, it is highly recommended to avoid visiting links from unknown numbers. If they talk about changes in the regulations for COVID or a new dose of vaccine, it is best to take a look at Google first.