Published: February 23, 2022 on our newsletter Security Fraud News & Alerts Newsletter.
First seen last month in Canada and the U.S., new Android malware has been named Tanglebot. It allows attackers to gain access to all user activity via the camera and microphone, monitor the user's location, and steal any data on the device, including messages and stored files.
Tanglebot is spread via malicious text message, also known as smishing. This is an increasingly common method of spreading malware. Both phishing emails and smishing texts work by persuading victims to click on a link that they may otherwise not do.
In this case, once the link is clicked, “Tanglebot” victims are informed that Adobe Flash Player needs to be updated.
NEWS FLASH!! Adobe stopped supporting Flash in December 2020, so no one should get a legitimate message from them about more updates. If the link is clicked, the user is led through a series of dialogue boxes allowing the attackers to install and configure the malware and take over your device. Of course, no one wants that to happen to their own products, but there are steps to take to avoid this:
Always remember that you will not receive new updates from Adobe for Flash. They are no longer supporting it, therefore not providing updates.
Take a few moments to really look at text messages. Don’t just click them. That can get you into trouble.
If you suspect your Android device has been compromised, seek assistance from technical support or your IT department.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org