Cybercriminals Have Unleashed Virus Targeting Phones Through Text Messages, NCC warns Nigerians

The Nigerian Communications Commission (NCC) has alerted Nigerians of a new high-risk, critical and text messages-based malware, TangleBot, infecting Android mobile devices.

TangleBot employs more or less similar tactics as the recently-announced notorious FlutBot SMS Android malware that targets mobile devices, the commission said in a statement on Saturday.

“TangleBot equally gains control of the device but in far more invasive manner than the FlutBot malware”, the NCC said.

The telecom sector regulator said the disclosure on TangleBot was made in a recent security advisory made available to the Commission’s New Media and Information Security Department by the Nigerian Computer Emergency Response Team (ngCERT).

TangleBot Android malware is installed when an unsuspecting user clicks on a malicious link disguised as COVID-19 vaccination appointment-related information in an SMS message or information about fake local power outages that are due to occur.

“The aim behind both or either of the messages (on COVID-19 or impending power outages) is to encourage potential victims to follow a link that supposedly offers detailed information. Once at the page, users are asked to update applications such as Adobe Flash Player to view the page’s content by going through nine (9) dialogue boxes to give acceptance to different permissions that will allow the malware operators initiate the malware configuration process.”

“The immediate consequence to this, is that TangleBot gains access to several different permissions when installed on a device, allowing it to eavesdrop on user communications. The malware then steals sensitive data stored on the device and monitors almost every user activity, including camera use, audio conversations, and location, among other things.

“Furthermore, the malware takes complete control of the targeted device, including access to banking data, and can reach the deepest recesses of the Android operating system.

“The NCC, therefore, wishes to, once again, urge millions of telecom consumers in Nigeria to be wary of such wiles of cyber criminals, whose intent is to defraud unsuspecting Internet users,” the agency said in a statement.

In order to ensure maximum protection for Internet users in the country, the NCC said, the ngCERT has offered a number of preventive measures to be taken by the consumers.

“These measures include an advisory to telecom consumers and other Internet users to refrain from opening Uniform Resource Locators (URLs) from unknown sources while using your mobile devices”, it added

Additionally, it said, telecom consumers should never respond or send reply to messages or call back a phone number that is associated with the text that they are unaware of.

“Should any telecom consumer or Internet user become curious and wish to ascertain the authenticity of any call or messages and wish to probe the incident, such persons may do a web search of both the number and the message content”, the NCC said.

-DailyTrust

About Delia Innoma

Delia Innoma is a prolific writer, promoter, artist manager with full professional proficiency in English, German and Igbo languages. She studied accounting and computer programming at the Institute of Management and Technology Enugu and Germany respectively. Delia is also a devoted mother of two and she founded the Diamond Celebrities Magazine. Her sense of responsibility and commitment to the Christian faith are essential forces driving her daily activities.

No comments yet... Be the first to leave a reply!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: