Deleting and destroying all data in smartphone Malicious malware "Mazar" is spreading infection

Malware that intrudes into smartphone via text message application such as SMS or MMS "Mazar"Was found in more than 100,000 terminals. Mazar not only reads and destroys the data inside the terminal, but sometimes calls out to the paid calling service without permission, so there is a danger that the user will be charged a high usage fee.

Security Alert: Mazar BOT Spotted in Active Attacks? The Android Malware That Can Erase Your Phone - Heimdal Security Blog

Android Mazar malware that can 'wipe phones' spread via SMS - BBC News

According to Heimdal, a security company in Denmark, someone sends malicious text messages to more than 100,000 Android terminals in Denmark and users who tap the link in the message are infected with malware called "Mazar" It was said that it was made clear. Mazar deprives smartphone's administrator's privileges, launches the phone application to make calls without permission, and can read the contents of text messages. According to Heimdal, this is the first time that Mazar was found in a large area. It is unclear whether or not smartphones outside of Denmark suffered similar damage.

According to a study conducted by Heimdal, a text message sent by an attacker includes a multimedia link such as an image or a video, and when the link is tapped and opened, the Tor software is automatically downloaded, and anonymous Internet connection seems to start. After that, Mazar was downloaded to the smartphone via Tor communication, a backdoor was installed, and it became possible to monitor and control the smartphone from the outside. For example, by intercepting the contents of SMS2 step verificationThere is a danger that it will break through. Also, an attacker may make repeated calls to a paid call service, and users may be charged a high usage fee.

Experiment with Heimdal's company using Android 4.4 KitKat-equipped smartphone, it seems that the terminal equipped with OS of Android 4.4 or later turned out to be infected with Mazar. It is also obvious that Mazar can be prevented from intruding only when the operating language of the OS is set to Russian. Heimdal CEO Morten Kjaersgaard commented, "Malware having the feature that it can not be installed on a Russian terminal has been found even in the past malware for PCs."

Heimdal calls for the following measures as "Android users should take measures to prevent Mazar infection".

· Do not open the link in the text message unnecessarily
· Turn off "Allow installation of unknown source application" in "Security" setting
· Install anti-virus application
· Check Wi - Fi spot before connecting. Turn it off when not using the Wi-Fi function.
·VPNInstall connection protocol and use VPN connection
· Check if smartphone is behaving strange behavior

ByErvins Strauhmanis

When BBC told Google's spokesperson about this case, "There are over 1 billion devices on Android in the world, but on Google Play 200 million security / Android terminal is properly protected because we are scanning, "he said. In 2014 Android malware apps have increased fourfold in yearsresearch resultHowever, Google notifies BBC, "The number of terminals on which potentially harmful apps are installed is less than 1% of the whole Android terminal, and there are only cases where harmful applications were installed via Google Play It is only 0.15%, "commenting on Android's security enhancement.

in Mobile,   Security, Posted by darkhorse_log