New Android Malware Spreads through SMS
Heimdal Security, a danish computer security firm has discovered a new malware targeting Android phones around Europe, the company stated that the virus has already been sent to over 100,000 smartphones in Denmark alone.
Mazar – as coined by the security firm- is a virus that spreads through SMS sending a link to the victim’s smartphone, tricking the user into believing that the link will show them a MMS, but instead the link downloads a malicious MMS viewer application running with root privileges that lets the attacker make arbitrary changes to the smartphone.
The malware is also able to read and send SMS messages, make calls, inject itself into the Google Chrome browser and download other potentially dangerous software. The virus allows the attacker to harvest sensitive data from the user’s smartphone, from passwords and web activity, to even wiping the entire smartphone’s memory.
According to the company, so far, the malware seems to only affect smartphones up to the Android KitKat version, possibly revealing that it was mainly targeting people with bad security practices, since Android smartphones have gone through several major version updates since the release of KitKat.
Morten Kjaersgaardm, chief executive officer of Heimdal Security, revealed that interestingly enough the malware seems to refuse infecting smartphones if the device had Russian selected as language, probably to not get investigations conducted by the Russian police agencies. Kjaersgaardm also emphasized the fact this pattern can be seen in many other viruses for PC which also avoid infecting computers in Russian. In an interview with the BBC, Kjaersgaardm stated:
“The malicious software won’t affect Russian language devices. It can do a lot of damage, maybe running up a big phone bill for which the customer would be liable, it’s not like when you use your credit card and there’s an international standard for banks covering [fraud].”
To this day, major anti-virus databases are already updated to eliminate this threat. The advice Kjaersgaardm gives to users is to keep up-to-date with updates and maintain good security practices.