Mazar malware can take control of Android phones via SMS
This is just the latest in the rather protracted history of Google's struggles to tighten Android security
If you are using an Android phone, pray that you do not receive this rather innocuous-looking SMS. Heimdal, a Danish security firm, has unearthed a particularly dangerous piece of malicious software, designed to gain administrator-level rights to an Android phone’s software, and subsequently render it useless.
Called Mazar, the malware arrives on your phone as a link in an SMS. If the user clicks on it and runs the .apk (Android app installation package, in simple terms), it can install and gain administrator rights on phones, allowing it to wipe all data on the smartphone, make calls, change network connectivity, tweak phone settings, block calls, control the phone’s hardware keys, lock the phone and even read texts.
Heimdal warns that “attackers can open a back door into Android smartphones, to monitor and control them as they please, read SMS messages, which means they can also read authentication codes sent as part of two-factor authentication mechanisms, used also by online banking apps and e-commerce websites, and use their full access to Android phones to basically manipulate the device to do whatever they want".
Incidentally, Heimdal says that this malware cannot install itself on Android phones where the default language is set as Russian. While Heimdal believes that over 100,000 phones have received the Mazar text in Denmark, it clarifies that “the geographical extent is so far unknown, so please exercise caution".
The Mazar malware uses the TOR network, in an apparent bid to hide the origin of the malware, and also the servers it will subsequently be sending data to.
As a user, there are a few things to keep in mind to keep yourself safe from Mazar malware. First, do not click on any link sent through what may look like a harmless message. The reality is that smartphone operating systems may not be as robust in terms of handling security threats as their desktop counterparts. Secondly, go to Settings -> Security -> Unknown Sources, the option that allows installation of apps from sources other than the Play Store, and make sure it is turned off. Also, avoid connecting to unknown or unsecured Wi-Fi hotspots, or any hotspot that potentially promises free Wi-Fi access.
This does serve as a reminder that Google still has a lot of work to do in terms of making Android more secure against malicious software attacks. Last year, Android kept facing malware attacks, which forced Google to whip the phone makers into shape, and promise monthly Android security updates for the phones that they sell. However, the very underpinnings of Android may need to be looked at, to make it more secure. Incidentally, BlackBerry’s Priv smartphone uses Android as the underlying operating system, but the company adds a lot of encryption features to secure data and also locks down parts of Android that it believes are vulnerable to malware attacks. Perhaps Google and other Android phone makers can take a cue from that.