The Nigerian Communications Commission, NCC, has warned the general public against a new high-risk, critical short message service–based malware, TangleBot, infecting Android mobile devices.
Dr. Ikechukwu Adinde, Director, Public Affairs, NCC, stated this in a statement released on Saturday in Abuja.
Mr. Adinde noted that TangleBot employs roughly similar tactics to the recently announced notorious FlutBot SMS Android malware that targets mobile devices.
He said that TangleBot also gains control of the device, but in a much more invasive way than the FlutBot malware.
Malware also called malicious software, is any program or file that is intentionally harmful to a computer, network, or server.
He said the disclosure about TangleBot was made in a recent security advisory made available to the commission’s Department of Information Security and New Media by the Nigerian Computer Emergency Response Team, ngCERT.
“TangleBot Android malware is installed when an unsuspecting user clicks on a malicious link disguised as information related to a COVID-19 vaccination appointment.
“This could be in an SMS message or information about fake local power outages that are about to happen.
“The goal behind both or any of the messages about COVID-19 or impending power outages is to encourage potential victims to follow a link that purports to offer detailed information.
“Once on the page, users are prompted to update applications such as Adobe Flash Player to view the page content.
“Going through nine nine dialogs to accept different permissions that will allow malware operators to start the malware setup process.
He said the immediate consequence of this is that TangleBot would gain access to several different permissions when installed on a device, allowing it to listen in on user communications.
He explained that the malware then steals sensitive data stored on the device and monitors almost all user activities, including camera use, audio conversations, and location, among other things.
However, the DPA said that the malware takes complete control of the target device, including access to banking details, and can reach the deepest corners of the Android operating system.
He urged millions of telecom consumers in Nigeria to beware of such schemes by cybercriminals, whose intent would defraud unsuspecting Internet users.
To guarantee maximum protection to internet users in the country, Adinde said that the ngCERT has offered a series of preventive measures to be taken by consumers.
He reported that the measures include a warning to telecommunications consumers and other Internet users to refrain from opening Uniform Resource Locators (URLs) from unknown sources while using their mobile devices.
“Telecom consumers should never answer or send reply messages or call back a phone number that is associated with text they do not know.
“If any telecommunications consumer is curious and wants to determine the authenticity of any call or message and wants to investigate the incident, they can perform a web search on both the number and the content of the message.
“The NCC hereby reiterates that mobile device users have an obligation to practice safe messaging practices and avoid clicking on any links in texts, even if they appear to come from a legitimate contact.
“It’s important to be judicious when downloading apps by carefully reading the installation prompts, looking for information about the rights and privileges the app may request,” he said.
He said that other risk mitigation measures recommended by ngCERT are that users be careful when purchasing any software outside of a certified app store.
“It is safer to call the company directly rather than using the phone number in the received message, especially if the message is a fake from a company.
“Telecommunications consumers and other Internet users should report any system compromise incidents to ngCERT via [email protected] for the necessary support and technical assistance.
“The Commission expresses its commitment to continually inform and educate mobile phone subscribers and Internet users in Nigeria about cyber risks, regardless of how they manifest.
“This is to insulate them from the dangers and losses that arise from cybercrime of any kind,” he said.
