New Mazar Bot Steals and Then Wipes Your Phone's Con­tent

HWM (Malaysia) - - TELEPORT -

Vi­cious mal­ware. The mere men­tion of th­ese two words is enough to set peo­ple on edge, both in the con­sumer and cy­ber se­cu­rity sec­tors. De­pend­ing on the na­ture of the mal­ware, the hack­ers re­spon­si­ble for un­leash­ing them could ei­ther hold an elec­tronic de­vice hostage or even act as a sleeper bug, set to ac­ti­vate only when the de­vice is plugged into a tar­get sys­tem.

Sadly, An­droid users have it tough this year, as Dan­ish se­cu­rity firm Heim­dal found and con­firmed that a new mal­ware, known as Mazar Bot, is ca­pa­ble of al­low­ing at­tack­ers to con­trol a user's An­droid phone, as well as ac­cess the af­fected de­vice's ser­vices and in­for­ma­tion at will.

Mazar Bot starts off sim­ply as an MMS mes­sage, con­tain­ing a ma­li­cious APK file that once opened, give the hacker the afore­men­tioned ac­cess to the phone. Ac­cord­ing to Heim­dal, the mes­sage looks some­thing like this:

“You have re­ceived a mul­ti­me­dia mes­sage from +[coun­try code] [sender num­ber] Fol­low the link http://www.mms­foryou [.] Net / mms.apk to view the mes­sage.”

Once the APK file is opened, it gives the at­tacker ac­cess to your phone's ad­min­is­tra­tor rights, and will pro­ceed to in­stall a harm­less Tor (The Onion Router), a type of soft­ware used by in­di­vid­u­als who are usu­ally denizens of the more ne­far­i­ous Dark Net com­mu­nity.

Fun­nily enough, Heim­dal stated that the Mazar Bot mal­ware was pro­grammed in such a way that it doesn't at­tack smart­phone that uses Rus­sian as the de­fault lan­guage, a point that could point to the ori­gins of the mal­ware cre­ators.

The Mazar Bot mal­ware is the lat­est type of in­tru­sion soft­ware to be cre­ated this year.

Newspapers in English

Newspapers from Malaysia

© PressReader. All rights reserved.