Macro Systems Blog
TangleBot: A New Malware That Targets Androids
You often hear about malware that infects desktop PCs, laptops, or servers, but other kinds of malware that infect mobile devices also exist. One such malware, a threat called TangleBot, has been discovered, and it can become seriously problematic for both workers and consumers utilizing Android devices, especially in the modern mobile-centric workplace.
TangleBot is malware that gives hackers full control over an infected device, letting them steal personal information and other critical credentials. Once the malware is installed on the infected device, attackers gain several permissions, including the ability to spy on communications with the device, use applications like the camera, access the device’s location, listen in through the microphone, and more. Suffice it to say that this malware is capable of doing a lot of harm, especially since it has permissions to do so much. It can essentially monitor and record just about all user activity, from websites visited to credentials entered to recording video and listening to audio.
This particular brand of malware spreads through text messages and infected links sent to the device. The user is encouraged to click on a link referencing the subject of the SMS message, usually something related to the COVID-19 pandemic and vaccination appointments or local power outages. After the user follows the link, they go through a series of messages that grant the attacker privileges no application on the phone should have.
As you might suspect, most of the best practices that keep your users safe can also be used to secure your business from mobile malware. Using a bit of scrutiny when handling suspicious links can go a long way toward keeping your company as secure as possible, but only if you encourage your staff to always be wary of what they are clicking on, both on the desktop and on the mobile device.
These practices are especially critical in today’s workplace environment, where many businesses have employees working remotely either part of the time or full-time, and they are imperative if the devices are company-owned and used to access sensitive workplace data. There are ways to secure devices that involve whitelisting and blacklisting various apps, including the ability to disable installing applications via links. In general, employees should be advised not to download applications that are not approved… particularly those that request insane amounts of permissions.
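One way to apply the allowlisting and permission review described above to a device's app inventory is sketched below. It is an added example, not code from Macro Systems or any device-management product. The inventory records, their field names, the `com.example.*` packages and the threshold are constructed assumptions; the permission strings and the Google Play installer name are standard Android identifiers.

```python
# Added example: audit an app inventory against an allowlist, the install
# source, and the capability mix the article attributes to TangleBot.
PLAY_STORE = "com.android.vending"  # installer package name of Google Play

# Android permissions matching the capabilities the article lists.
SURVEILLANCE = {
    "android.permission.CAMERA": "camera",
    "android.permission.RECORD_AUDIO": "microphone",
    "android.permission.ACCESS_FINE_LOCATION": "location",
    "android.permission.READ_SMS": "messages",
}

ALLOWLIST = {"com.example.mail", "com.example.maps"}  # hypothetical approved apps


def audit(inventory, allowlist=ALLOWLIST, max_capabilities=2):
    """Return (package, reasons) for every app that breaks the policy."""
    findings = []
    for app in inventory:
        reasons = []
        if app["package"] not in allowlist:
            reasons.append("not on allowlist")
        if app.get("installer") != PLAY_STORE:
            reasons.append("sideloaded")  # installed from a link or file
        caps = sorted({SURVEILLANCE[p] for p in app["permissions"] if p in SURVEILLANCE})
        if len(caps) > max_capabilities:  # assumed threshold for "too much access"
            reasons.append("broad access: " + ", ".join(caps))
        if reasons:
            findings.append((app["package"], reasons))
    return findings


# Constructed inventory, shaped like an export from a device-management tool.
INVENTORY = [
    {"package": "com.example.mail", "installer": PLAY_STORE,
     "permissions": ["android.permission.INTERNET", "android.permission.CAMERA"]},
    {"package": "com.example.maps", "installer": PLAY_STORE,
     "permissions": ["android.permission.ACCESS_FINE_LOCATION"]},
    {"package": "com.example.flashupdate", "installer": None,
     "permissions": list(SURVEILLANCE) + ["android.permission.INTERNET"]},
    {"package": "com.example.game", "installer": PLAY_STORE,
     "permissions": ["android.permission.INTERNET"]},
]

if __name__ == "__main__":
    for package, reasons in audit(INVENTORY):
        print(package, "->", "; ".join(reasons))
```

An app that is sideloaded, unapproved and holds camera, microphone, location and message access at once is the profile worth escalating first; a single finding such as an unapproved game is a lower-priority policy matter.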
Macro Systems can help train your employees to identify and avoid threats of all kinds. Moreover, we can equip your company with the tools needed to prevent infections and keep threats to a minimum. To learn more, reach out to us at 703-359-9211.