Android Malware Mazar Spreads Via SMS In Denmark
A new Android malware has been discovered by Hemidal Security in Denmark that can gain complete control over your smartphone. The malware titled Mazar was discovered by the security firm a couple of days ago. Mazar first surfaced on the Dark Web last year and has made its way to the public this month. The firm speculates that this malware is responsible for sending malicious link laden text messages to about 100,000 smartphone users in the country and could soon be venturing into other parts of the world. The team has not yet been able to trace the location of the attackers nor has it been able to know the exact geographical extent of Mazar.
The malware Mazar spreads in the following manner. An Android smartphone user receives a message from an unknown number asking it to view a MMS that has been send from a particular sender. The message asks you to click on a web address to view the contents of MMS. Once the link opens on your browser you will be asked to install an APK for an application cleverly titled ‘MMS Messaging’. The app once installed gains complete access. The app retrieves anonymous browsing service Tor and installs it on your smartphone. Once Tor is installed, it will open an onion link to connect to the bot’s servers. The purpose of using Tor is to hide the actual IP address of the attacker. The malware then on its own sends a ‘Thank You’ text message to an Iranian cellular number containing the GPS coordinates of the affected Android smartphone.
While the actual intention of the Mazar malware is unknown, the ways in which it can affect your privacy are plenty as it gains full device access such as reading and sending text messages and accessing storage. One of the intriguing features of Mazar malware is that it has been instructed not to run on Android devices which have Russian as their default language. As a concerned smartphone user you do not have to take drastic measure of changing your system language to Russian, just make sure that you do not click any suspicious links that come in messages from unknown contacts. Make sure that your have allowed only Google verified APKs to run in Android smartphone and check that trusted apps have device administrator access on your smartphone.
Source: <a href="https://heimdalsecurity.com/blog/security-alert-mazar-bot-active-attacks-android-malware/" target="_blank" rel="nofollow noopener noreferrer">Security Alert: Mazar BOT - the Android Malware That Can Erase Your Phone</a> via <a href="https://www.bbc.com/news/technology-35586446" target="_blank" rel="nofollow noopener noreferrer">Android Mazar malware that can 'wipe phones' spread via SMS - BBC News</a>
The malware Mazar spreads in the following manner. An Android smartphone user receives a message from an unknown number asking it to view a MMS that has been send from a particular sender. The message asks you to click on a web address to view the contents of MMS. Once the link opens on your browser you will be asked to install an APK for an application cleverly titled ‘MMS Messaging’. The app once installed gains complete access. The app retrieves anonymous browsing service Tor and installs it on your smartphone. Once Tor is installed, it will open an onion link to connect to the bot’s servers. The purpose of using Tor is to hide the actual IP address of the attacker. The malware then on its own sends a ‘Thank You’ text message to an Iranian cellular number containing the GPS coordinates of the affected Android smartphone.
While the actual intention of the Mazar malware is unknown, the ways in which it can affect your privacy are plenty as it gains full device access such as reading and sending text messages and accessing storage. One of the intriguing features of Mazar malware is that it has been instructed not to run on Android devices which have Russian as their default language. As a concerned smartphone user you do not have to take drastic measure of changing your system language to Russian, just make sure that you do not click any suspicious links that come in messages from unknown contacts. Make sure that your have allowed only Google verified APKs to run in Android smartphone and check that trusted apps have device administrator access on your smartphone.
Source: <a href="https://heimdalsecurity.com/blog/security-alert-mazar-bot-active-attacks-android-malware/" target="_blank" rel="nofollow noopener noreferrer">Security Alert: Mazar BOT - the Android Malware That Can Erase Your Phone</a> via <a href="https://www.bbc.com/news/technology-35586446" target="_blank" rel="nofollow noopener noreferrer">Android Mazar malware that can 'wipe phones' spread via SMS - BBC News</a>
0