Can Android phones be hacked by cybercriminals?

Malware allows technothieves to spy on phone’s owner, steal financial info.

Android phone users in Canada and the United States should be wary of a new cybercrime technique that can steal personal information, control interaction with apps and steal account information from phone financial activities.

That’s the warning coming from California-based global online security firm Proofpoint whose threat analysts say short messaging services (SMS) are being targeted through malware attacks.

“Harvesting of personal information and credentials in this manner is extremely troublesome for mobile users because there is a growing market on the dark web for detailed personal and account data,” a Proofpoint report released Sept. 21 said.

Indeed, the technocrooks can even use an Android’s camera and microphone to spy on the phone’s owner.

The technique is called smishing, a phishing cybersecurity attack done over mobile text messaging.

“Mobile users should be on the lookout for this extremely advanced smishing lure that relies on multiple layers of obfuscation and entangled functions to cleverly hide its download as a software update that can take control of your phone and share personal information with the attacker,” said Jacinta Tobin, Proofpoint’s vice-president of Cloudmark Operations.

Those entangled functions have led to the malware being dubbed Tanglebot.

“TangleBot uses SMS text message lures with content about COVID regulations and the third dose of COVID vaccines to trick mobile subscribers into downloading malware, which then takes over their phone,” the Proofpoint report said.

If users click on the link about a third dose, a website appears notifying the user that the Adobe Flash player on the device is out of date and must be updated. If subsequent dialog boxes are clicked on, the TangleBot malware is installed on the Android.

Once that malware is installed, TangleBot is granted privileges to access and control many device functions, including contacts, SMS and phone capabilities, call logs, internet, camera and microphone, and GPS, Proofpoint found.

“The attacker can now make and block phone calls; send, obtain, and process text messages;…