Warning over Android SMS that can wipe your phone
Security experts have warned about a new Android virus spread by text message.
Dubbed ‘Mazar’, it allows attackers to control or monitor devices, send SMS messages to premium numbers and read text messages.
Heimdal Security uncovered the threat by analysing a text message sent randomly to users containing a link like the one below:
You have received a multimedia message from +[country code] [sender number] Follow the link http: //www.mmsforyou [.] Net /to view the message.
When run on Android smartphones, the link installs TOR – an anonymity network – which connects to a server. An automated SMS with the message ‘Thank you’ is sent to a number in Iran – also sending the device’s location data.
In a blog post, Andra Zaharia from Heimdal Security detailed what the virus can do:
- Open a backdoor into Android smartphones, to monitor and control them as they please
- Send SMS messages to premium channel numbers, seriously increasing the victim’s phone bill
- Read SMS messages, which means they can also read authentication codes sent as part of two-factor authentication mechanisms, used by online banking apps and e-commerce websites
- Use the full access to Android phones to basically manipulate the device to do whatever the attackers want
Mazar Android BOT is a known type of Android malware, but Heimdal Security says it’s the first time it has seen the code being used in active attacks.
Interestingly Heimdal Security says Mazar BOT will detect the selected language option and won’t run on Russian Android smartphones.
How to protect your phone from malware and viruses
If you have an Android phone, follow the steps below to protect your device:
1: Don’t click on any suspicious links sent via text
2: Don’t allow your phone to install apps from places other than Google Play Store. Do this by heading to Settings – Security and turn on Unknown Sources