The Nigerian Communications Commission (NCC) made a press release urging Nigerians to beware of TangleBot. Tangle Bot is a Short Message Service-based Malware that infects Android devices. The Nigeria Computer Emergency Response Team (ngCERT) reported it to the media and information security department.
Earlier, Flutbot, an SMS-based malware aimed at Android mobile devices, had been announced. TangleBot seems to be more invasive than the Flutbot, employing more or less approach.
TangleBot is installed when a mobile user clicks on a malicious link, masked as COVID-19 vaccination-related data in an SMS or data about nearby blackouts that are expected to happen.
NCC clarified that the point behind either or any of the messages (on COVID-19 or approaching power outage) is to urge possible victims to follow a link that offers definite information. Once at the page, users are approached to refresh applications, for example, Adobe Flash Player, to view the page’s content by going through nine dialogue boxes to acknowledge various consents that will permit the malware administrators to start the malware setup process.
As a result, TangleBot can gain access to various permissions and can also be used to spy on a user’s communication and every one of their activities like location, audios, camera use, e-banking transactions, etc.
“The NCC, in this way, wishes to, indeed, encourage a huge number of telecom buyers to be careful about such wiles of cybercriminals, whose goal is to swindle clueless Internet users.”
To guarantee the most extreme security for Internet clients in the country, ngCERT has offered various preventive measures to consumers.
They incorporate a warning to telecom purchasers and other Internet clients to forgo opening Uniform Resource Locators (URLs) from obscure sources while utilizing cell phones.
The NCC also repeated that mobile users have a duty to practice safe messaging practices and avert clicking on any links in texts, no matter how legitimate the source is. Also, it is crucial to be wise while installing any apps by reading the install prompts well enough and then looking out for information about rights and privileges that the app may request.
Press Release
— ncc.gov.ng (@NgComCommission) January 29, 2022
New SMS-based Android Malware, TangleBot, Unleashed by Cybercriminals
Link: https://t.co/YTxsO72Bk9#CyberAttack #malware #tanglebot pic.twitter.com/oHMoI3hP5L
ngCERT also advised users to be careful when acquiring software. It is encouraging to get the software from the Certified application store.
Any issue of a system compromise can be directed to the ngCERT through [email protected] to get assistance with the technical support required.
Please visit us @GoSpeedHub on Facebook, Instagram, and Twitter for more information.
Photo Credit : NCC
