The Danish security company, Heimdal, has this week detailed a powerful type of malware that will essentially erase your Android device as long as you’re not using Android in Russian.
Safe to say that Mazar is Russian malware?
While a nasty bit of software there are ways of avoiding any possible Mazar infestation or attack. First, Mazar doesn’t seem to affect phones where Android is installed in Russian. This certainly suggests that the malware itself was designed by Russians and Russians not wanting their own malware to wipe their phones.
Additionally, Android devices ship with a default setting that only allows software to be installed from the Google Play store. If you have, however, unchecked this box in settings you set yourself from all sorts of attacks extending past this Mazar malware that gains administrator rights on your phone and can be used to make calls, read texts as well as simply wipe your phone.
Clearly, with pay number out there, you don’t want anyone to have such access where it charges up hundreds of dollars to a pay number while you sleep.
Mazar arrives to your phone as an innocent looking SMS message with a link to something that looks like a multimedia message. Let’s stop there, why would you open this? But the sad fact is that many do open links like this. If you make the mistake of going to this link, the malware installs Tor software and from there you are vulnerable to outside control of your device. Heimdal is reporting that they believe that the malware has been sent to over 100,000 phones in Denmark alone over the last few weeks.
So far, no other individual or security company has detected such a widespread attack.
You really don’t want this malware
In addition to making pay calls. An infected phone can also be made to send texts to premium numbers which cost the user and are very difficult to recoup your losses. You bank has ways of protecting your from fraud if your credit card information is gleaned by someone and used. This is not the case with premium numbers for texts where you will likely find yourself on the hook for all the financial damage caused.
“It can do a lot of damage – maybe running up a big phone bill for which the customer would be liable,” chief executive of Heimdal, Morten Kjaersgaard told the BBC recently.
“It’s not like when you use your credit card and there’s an international standard for banks covering [fraud].”
While Heimdal limited its testing to phone running Android Kitkat 4.4, the company believes that this pernicious piece of malware also affects older versions of Android though the company is not certain.
In a nutshell, this really shouldn’t affect you if you don’t open mystery links sent to you by SMS. I mean really, why would you. Additionally, it seems silly to change the default security settings limiting download sources and installation from third-party sites. If you need an app from one of these and you know it to be safe, go ahead and change the default to download, but then return it to the default setting and you should be good.
“Over one billion devices are protected with Google Play which conducts 200 million security scans of devices per day,” a Google spokeswoman said.
“Fewer than 1% of Android devices had a Potentially Harmful App installed in 2014, and fewer than 0.15% of devices that only install from Google Play had a Potentially Harmful App installed,” she added.
And that right there is the crux of the whole matter.