New Android malware can steal personal data and wipe a device's contents

Though mobile security has tightened up a great deal since the early days of Android, keeping the baddies at bay will always be a game of digital whack-a-mole. Danish security firm Heimdal has unearthed a particularly spiteful new piece of malicious software that can gain admin rights to a device and wreak subsequent havoc. 

Once any piece of malware has obtained admin rights, the intruder's overlord gains carte blanche over the target device. The Mazar malware is no exception, and takes full advantage of whatever it can infiltrate. Spread via SMS, it can make calls (potentially to premium rate lines), read texts and delete the contents of an entire Android smartphone or tablet without warning. Heimdal believes that Mazar could have reached up to 100,000 handsets in Denmark, though the effect outside of the Scandinavian nation has yet to be established. 

Mazar can only affect devices where users have permitted untrusted app installations via Settings, though. If you don't know what that means, then you're probably safe on this occasion, since Google's platform blocks installs from unverified sources by default. 

If a device does allow apps to be installed from external sources, then Mazar can sink its claws in. Spread under the guise of a legitimate SMS message containing a link, users that tap on said URL then have Tor installed on their device. Tor's services, for those unaware, allow users to connect to the Internet under a veil of anonymity. Great for privacy, but also useful to a hacker funneling malicious software to and from a device undetected, as is the case here. 

Interestingly, the malware cannot be installed on any device with Russian selected as its language. Heimdal has tested the bug on Android 4.4 KitKat, but not on any newer editions for now, so it's unknown whether Lollipop or the latest Marshmallow are susceptible. 

As ever, stick to the Google Play Store wherever possible for all of your downloading needs, and ignore any unsolicited SMS messages if you want to avoid Mazar's evildoing. 

source: BBC

49 Comments

43. Krjal

Posts: 448; Member since: Dec 19, 2013

So you not only have to have outside sources allowed but ALSO click on a suspicious link in an sms at the same time? Who is stupid enough to do that?

42. avishekmukherjee

Posts: 362; Member since: Apr 09, 2015

I am crying now

34. ibend

Posts: 6747; Member since: Sep 30, 2014

"spread under the guise of a legitimate SMS message containing a link, users that tap on said URL then have Tor installed on their device" Just how much effort do we need to install this malware? And it even needs newer Android, language set to Russian, and rooted device (and probably no AV installed)

33. keithtae

Posts: 564; Member since: Mar 25, 2015

*Yawn* same thing over and over again.

28. KyleRiemen

Posts: 170; Member since: Oct 29, 2014

So you have to give the app root rights? Or does it get root-rights by its own? If the first is the case and you download an app from "somewhere" and gave it root-rights, then there is nothing to complain about.

26. natypes

Posts: 1110; Member since: Feb 02, 2015

Whoever gets this deserves it. And I hope you get so mad you go buy an apple product. You obviously need a simple device with training wheels like the iPhone.

39. sissy246

Posts: 7129; Member since: Mar 04, 2015

I don't care how mad I get at android I will never buy apple iphone.

24. RoboticEngi

Posts: 1251; Member since: Dec 03, 2014

100.000 infected devices in Denmark. ...he he that's utterly bulls**t. There is only 5 million citizens in Denmark and half owns an iphone. And out of the other half at least 50% of those got Lollipop installed. Now we are close to saying 10% of potential victims are infected. I don't think 10 % got their phone opened up to 3rd party apps. I say they are the usual Danish apple ass licking techies who we got tons of here....

14. RebelwithoutaClue unregistered

Another day another storm in a teacup...

32. Mxyzptlk unregistered

Another day, another clueless response from our resident clueless rebel.

45. RebelwithoutaClue unregistered

Another day, same guy, same lame joke. It never gets old does it honeybun. Take your meds yet? ;) Funny you should use Deadpool as your avatar, since that guy is actually funny ;)

6. Lycan155

Posts: 254; Member since: Nov 24, 2013

Only download apps and games from the Play Store and don't worry much about these kinds of malware

7. xq10xa

Posts: 816; Member since: Dec 07, 2010

What kind of apps do people get from unverified sources? Like is it just them not wanting to pay for the app so they download the file and try to sideload it? Seems like you have to do a lot to get hacked like this....

10. Trakker

Posts: 283; Member since: Feb 11, 2016

A lot of gambling, streaming, ad blockers, self published apps etc. You got to realise that there is a lot of reasons why people might not go through Google Play so don't be thinking it's all piracy.

21. marorun

Posts: 5029; Member since: Mar 30, 2015

Yeah, it's to get free apps mostly that people do this, or to get apps not officially available in the country they are in or on the device they use, or illegal apps based on the Play Store rules. It's just like iPhone users that jailbreak, mostly. If you open the door, don't cry if bad people enter, right?

23. Awalker

Posts: 1988; Member since: Aug 15, 2013

I download apps from everywhere but I don't download paid apps. If I like an app I'll pay for it.

5. Unordinary unregistered

Another day another virus

51. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

Apple is the biggest bad ass virus around! From the number of 'Error 53' cases, its EPIC!!. Every malware and virus developers could only dream of such viral achievement.

2. Trakker

Posts: 283; Member since: Feb 11, 2016

All this time and I've still never had any malware on any Android device, unlike other fruity phones that can be bricked by changing the date.

3. Jimrod

Posts: 1607; Member since: Sep 22, 2014

Well that's all the proof you need that there's no problem then, case closed. Like millions of others I've had iPhones from the 3G onwards and also have yet to have any malware or a bricked, bent or exploding phone. Your anecdotal evidence works both ways.

4. Trakker

Posts: 283; Member since: Feb 11, 2016

Good for you!!!

15. vincelongman

Posts: 5838; Member since: Feb 10, 2013

So like the billions of Android/Windows users, you also have never had malware or viruses. Like seriously, I only know 1 person who managed to get a virus and that was back on Windows XP.

20. marorun

Posts: 5029; Member since: Mar 30, 2015

Ah, on that end I had lots of friends with viruses and malware on PC and Mac computers... That's maybe because I usually am the one they call to repair the computers when they have issues lol.

22. Awalker

Posts: 1988; Member since: Aug 15, 2013

I think Windows ME was the last time I had a virus on Windows and I don't know of anyone who has had a virus on Android.

19. marorun

Posts: 5029; Member since: Mar 30, 2015

Been using Android for what, 6 years. Working in the cellphone industry for nearly 10 years. Not a single Android or any other OS phone had malware for ALL my clients. This shows a lot about those studies and such.

27. xocomaox

Posts: 208; Member since: Dec 14, 2015

Never had an issue, either. Plenty of problems with iPhones and upgrading firmware on them. iOS 7 to 8 caused a soft brick on two of my devices. Malware seems to be a fairy tale when it comes to all phones.

1. Ninetysix

Posts: 2967; Member since: Oct 08, 2012

Stay safe android broseph.

8. AkoSiKuting

Posts: 88; Member since: Dec 09, 2015

Android users deserved this, no need sympathy to those keyboard warriors who keep bashing Apple :)

11. Rafishant

Posts: 413; Member since: Oct 13, 2015

Actually, the Phonearena website is the biggest malware on the internet. This site keeps crashing and lagging on all platforms. I don't know if the management of this website checks the latest miserable and incompetent user experience of this site.

30. Mxyzptlk unregistered

It's the obtrusive ads. This site is impossible on mobile.
