Android malware hijacks smartphones

Security experts find malware capable of controlling smartphones and erasing data
Android malware hijacks smartphones, Terminals

Share

Android smartphone users are facing a new strain of mobile malware, dubbed Mazar Bot, which provides attackers complete administration rights to monitor and control every aspect of the device.

This new malware is unlike other Android exploits as it targets users with a direct message instead of going through a third-party application download. Security experts at Heimdal Security said Mazar Bot spreads malware exploits through SMS and MMS messaging and creates a malicious link, which reads:

‘You have received a multimedia message from +[country code] [sender number] Follow the link http: //www.mmsforyou [.] Net / mms.apk to view the message.'

If installed, the malicious code spreads through the phone and creates havoc. It is able to send malicious text messages, anonymously access the Internet, put the phone into sleep mode and most worryingly, erase content from the device and access authentication codes used for online banking and social media accounts.

Mazar Bot can also secretly download Tor which enables it to connect anonymously to the Internet to the alert the attacker that the device has been compromised. Furthermore, it can install the Android-based Polipo Proxy application, enabling the attacker to spy on all Internet traffic passing through the smartphone.

According to Andra Zaharia, security specialist at Heimdal Security, this could prompt Man-in-the-Middle attacks, which are often used to steal sensitive details, such as personal banking credentials.

Heimdal Security experts suggests the attackers are Russian and say the malware is only likely to evolve in the coming months.

"Attackers may be testing this new type of Android malware to see how they can improve their tactics and reach their final goals, which probably is making more money," said Zaharia. "We can expect this malware to expand its reach."

Editor's Choice

Emerson expands analytics platform for industrial enterprise-level wireless infrastructure management
Plantweb Insight platform adds two new Pervasive Sensing applications that manage wireless networks more efficiently with a singular interface to the enterprise
Digitalisation seen as a competitive advantage by Middle East private businesses
Nearly 80 per cent of private business leaders acknowledge that digitalisation can impact business sustainability
Etisalat introduces Multi-Access Edge Computing architecture delivering best-in-class video streaming performance for 5G networks
MEC architecture achieves performance gains of as much as 90% in video streaming, validating how ultra-low-latency applications will be delivered over 4G and 5G networks

Most popular

Don't Miss a Story