Mazar BOT malware invades and erases Android devices

Image

Android smartphone users should be aware of a dangerous new type of malware that spreads via spam SMS or MMS messages that link to a malicious app file.


Android smartphone users should be aware of a dangerous new type of malware that spreads via spam SMS or MMS messages that link to a malicious app file. The Mazar BOT, as it is called, tricks the Android user into gaining administrative access to the infected Android phone and can then erase any stored data. Although security research experts believe this malware has several hidden capabilities that are still being discovered, they know this malware will turn your smartphone into part of a hacker botnet web.

How the Mazar BOT attacks Androids

Android mobile phone users receive this (or similar) SMS or MMS message that includes a link to a malicious Android application package (APK):

“You have received a multimedia message from + [country code] [sender number] Follow the link http://www.mmsforyou.net/mms.apk to view the message.”

When the user clicks on the link, a download of a file with the generic name of “MMS Messaging” is initiated. If the user installs the app, the Mazar BOT is able to grant itself administrator rights on the now-infected Android. From then on the cybercriminals behind the bot are able to access all stored data and use the Chrome browser to see the user’s history and potentially launch

[MITM (man-in-the-middle) attacks. Essentially the hackers have complete control over any function the Android device can perform, like making phone calls and sending and reading messages — which could include two-factor authentication (2FA) texts from users’ banks or social media accounts.

Although the Mazar BOT has been available for sale on the Dark Web for a few months, authorities have not found the cybercriminals behind this virulent malware. However, the fact that the malware cannot be downloaded on Android devices set to the Russian language may indicate its country of origin.

How to stay protected

1. Don’t click on links in SMS or MMS messages.

2. Only install apps from reliable sources like the Google Play Store.

3. Protect your mobile devices with Internet security software, like Norton Mobile Security.

Norton logo
  • Norton
Norton empowers people and families around the world to feel safer in their digital lives

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 

Contents

    Want more?

    Follow us for all the latest news, tips and updates.