We have seen many malwares affecting the Android ecosystem & Google releasing security patches for them . Some OEMs also release regular security patches in order to fight with these malwares.
Now as per a report from Danish security firm Heimdal, they have discovered a new Android Malware named Mazar which can cause erase of full data in your Android phone. This can be done with just a single text message to your phone which will be converted to a multimedia message when you open. This also gains administrator permissions such as SEND_SMS, RECEIVE_BOOT_COMPLETED, INTERNET, SYSTEM_ALERT_WINDOW, WRITE_SMS, ACCESS_NETWORK_STATE, WAKE_LOCK, GET_TASKS, CALL_PHONE, RECEIVE_SMS, READ_PHONE_STATE, READ_SMS, ERASE_PHONE.
The SMS / MMS in question arrives with the following contents (sanitized by Heimdal Security):
You have received a multimedia message from +[country code] [sender number] Follow the link http: //www.mmsforyou [.] Net / mms.apk to view the message.
If the APK (which is a program file for Android) is run on an Android-powered smartphone, then it will gain administrator rights on the victim’s device. This will allow the attackers to:
- SEND_SMS
- RECEIVE_BOOT_COMPLETED
- INTERNET
- SYSTEM_ALERT_WINDOW
- WRITE_SMS
- ACCESS_NETWORK_STATE
- WAKE_LOCK
- GET_TASKS
- CALL_PHONE
- RECEIVE_SMS
- READ_PHONE_STATE
- READ_SMS
- ERASE_PHONE
How to protect yourself against these malwares:
- NEVER click on links in SMS or MMS messages on your phone.
- Go to Settings > Security and make sure this option(Unknown Sources) is turned OFF.
- Install a top class antivirus for Android.
- Do not connect to unknown and unsecured Wi-Fi hotspots.
- Install a VPN on your smartphone and use constantly as it is very good for privacy & security purpose.
- Try be cautious all the time about your phone & personal date a in it.
