Alert! Watch out for the next text message you receive. New malware that spreads through malicious text messages is targeting Android smartphones. This Android-based malware is able to grant itself administrator privileges and completely take over a user's device.
LogBook: Malicious Text Message Can Erase Everything in Your Android Phone
Norwegian security firm Heimdal has detected a nasty piece of malware that spreads via SMS and tricks users into downloading a malicious app, allowing it to gain administrator rights to the device.
This new malware is being called Mazar Android BOT and it is spread via SMS and MMS messages. The message will generally look like this:
“You have received a multimedia message from +[country code] [sender number] Follow the link http://www.mmsforyou[.]Net/mms.apk to view your message”
Once it is installed, the malicious code embedded inside grants the app administrator privileges. This allows attackers to retrieve device data, monitor calls and text messages, and root the device.
The Mazar malware also has the ability to entirely erase all of the data stored on an infected device. Not only would a user's device be infected, but such a move by attackers could render the device useless as well.
Security firm Heimdal thinks the malicious texts could have been sent to over 100,000 phones in Denmark, though it is not sure whether users in other countries may have received the messages.
This is believed to be the first time Mazar has been detected in widespread, real-world attacks.
One interesting feature of Mazar is that it cannot be installed on smartphones running Android with “Russian” selected as the operating system’s language.
Mazar has been available for purchase on the Dark Web for quite a while now, but this is the first time it has been actively used on the Android platform.
So how do you stay clear of this malware? First off, users should not click on links in text messages from unknown senders and should not install unknown apps. Additionally, most users should make sure that installing apps from unknown sources is disabled (Settings > Security > Unknown sources).
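For teams that filter SMS at a gateway or on managed devices, the lure quoted earlier can be caught by its two visible traits: the "multimedia message" wording and a link whose path ends in `.apk`. The sketch below is an added example, not code from Heimdal or from the original article; the function names, the verdict labels and the sample sender number are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# http(s) links, including defanged forms such as hxxp:// and "[.]"
URL_RE = re.compile(r"h(?:tt|xx)ps?://[^\s\"'<>]+", re.IGNORECASE)
# Wording taken from the lure quoted in the article
LURE_RE = re.compile(r"received a multimedia message", re.IGNORECASE)

def refang(url):
    """Undo common defanging so the URL can be parsed normally."""
    url = url.replace("[.]", ".").replace("(.)", ".")
    return re.sub(r"^hxxp", "http", url, flags=re.IGNORECASE)

def apk_links(sms_body):
    """Return (host, path) for every link in the message that points at an APK."""
    hits = []
    for raw in URL_RE.findall(sms_body):
        try:
            parts = urlsplit(refang(raw.rstrip(".,;)")))
        except ValueError:
            continue  # malformed URL (e.g. stray brackets); nothing to classify
        # urlsplit keeps the query string out of .path, so "?v=2" cannot hide ".apk"
        if parts.path.lower().endswith(".apk"):
            hits.append((parts.hostname, parts.path))
    return hits

def triage(sms_body):
    """Verdict for one message: 'block', 'quarantine' or 'allow' (labels are assumptions)."""
    links = apk_links(sms_body)
    if links and LURE_RE.search(sms_body):
        return "block"       # APK link plus the MMS lure wording
    if links:
        return "quarantine"  # any SMS that links straight to an APK deserves review
    return "allow"

# Constructed samples: the first follows the article's lure with a made-up sender number
LURE_SMS = ("You have received a multimedia message from +45 00000000 "
            "Follow the link http://www.mmsforyou[.]Net/mms.apk to view your message")
BENIGN_SMS = "Your parcel is ready: https://example.com/track?id=1"

if __name__ == "__main__":
    for body in (LURE_SMS, BENIGN_SMS):
        print(triage(body), apk_links(body))
```

Matching on the `.apk` path rather than on one domain keeps the check useful when the hosting domain changes between campaigns.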