Hackers are at it again, this time they are targeting android phones. If you receive a random text messaging asking you to click on a link you do not recognize, it will be best that you do not do so. A norwegian security firm has recently detected a nasty piece of malware that spreads via SMS and tricks users into downloading a malicious app. This app gains administrator rights to the device; the malware is being called Mazar Android BOT and it spreads via SMS and MMS messages. The message will generally look like this:
“You have received a multimedia message from +[country code] [sender number] Follow the link http://www.mmsforyou[.]Net/mms.apk to view your message”
Upon installation, this malware app allows attackers to retrieve device data, monitor calls and text messages, and root the device. The Mazar malware also has the ability to entirely erase all of the data stored on an infected device. Not only would a users’ device be infected but such a move by attackers could render the device useless as well. Security firm thinks the malicious texts could have been sent to over 100,000 phones in Denmark, though it is not sure whether users in other countries may have received the messages.
This is believed to be the first time Mazar has been detected in widespread, real world attacks. One interesting feature of Mazar is that it cannot be installed on smartphones running Android with “Russian” selected as the operating system’s language. Mazar has been available for purchase on the Dark Web for quite a while now but this is the first time it has been actively used on the Android platform.
So how to stay away from this dirty malicious text message malware ? Most users should not click on links in text messages from strange recipients and not install unknown apps. Additionally, users should make sure unknown sources cannot install apps (Settings > Security > Unknown sources). This will prevent any unknown apps from being installed on your phone.