Tech Made Simple

Hot Topics: How to Fix Bluetooth Pairing Problems | Complete Guide to Facebook Privacy | How to Block Spam Calls | Snapchat Symbol Meaning

We may earn commissions when you buy from links on our site. Why you can trust us.

author photo

New Android Malware Lets Hackers Erase Your Phone

by Elmer Montejo on February 16, 2016

Enabling installation from unknown sourcesYour photos, contacts, messages, documents, music — everything on your phone obliterated in the blink of an eye, and you can do nothing to stop the full wipe. This possibility is real with the currently circulating Android Mazar BOT malware.

It all begins with a seemingly innocent SMS or MMS message that says “You have received a multimedia message from +[country code] [sender number] Follow the link http: /www.mmsforyou [.] Net / mms.apk to view the message.”

If you receive such a message, resist the urge to satisfy your curiosity. Do not click the included link. That MMS could expose your phone to the Mazar Android BOT malware.

If you click the included URL, your phone will download, install and run TOR. TOR itself is a legitimate program, but the malware uses it to anonymously connect to a remote server. Then your phone sends out “Thank you” via SMS to the number 9876543210. Nothing wrong with being grateful, but this message is insidious because the SMS also sends your phone’s location.

Your phone is then susceptible to malicious attackers who can wreak havoc. They can monitor and control your phone at will, including wiping your phone data, sending SMS messages to premium numbers and accessing your messages. The malware can even inject itself into Chrome and remotely issue commands that control your phone keys, activate sleep mode and more.

According to researchers at Heimdal Security who analyzed the malware, Android phones set to use the Russian language or owned by Russian users are immune to the Mazar Android BOT. For those of us who do not speak Russian, Heimdal Security recommends the following preventive measures to fend off malware infection:

  • Do not tap on URLs or links in MMS or SMS messages unless you are certain that the message comes from a trusted source. Always exercise caution, even with messages from known sources.
  • Disable the installation of external apps from unknown sources. Make sure that “Unknown sources” under Settings > Security is not checked. Sometimes, you'll need to enable this in order to install legit Android apps such as Amazon Prime Video or Amazon Underground. Always turn off the feature after installing such apps.
  • Protect your phone with a reliable antivirus app.
  • Turn off Wi-Fi when not in use and avoid unknown or unsecure networks, especially public Wi-Fi hotspots.
  • Jack up your privacy and security by using a Virtual Private Network (VPN) on your phone.

For more tips on how to lock down your phone against threats, see our story about making your smartphone secure.

[Image credit: Elmer Montejo / Techlicious]


Phones and Mobile, News, Mobile Apps, Android Apps, Blog, Privacy

Discussion loading

Home | About | Meet the Team | Contact Us
Media Kit | Newsletter Sponsorships | Licensing & Permissions
Accessibility Statement
Terms of Use | Privacy & Cookie Policy

Techlicious participates in affiliate programs, including the Amazon Services LLC Associates Program, which provide a small commission from some, but not all, of the "click-thru to buy" links contained in our articles. These click-thru links are determined after the article has been written, based on price and product availability — the commissions do not impact our choice of recommended product, nor the price you pay. When you use these links, you help support our ongoing editorial mission to provide you with the best product recommendations.

© Techlicious LLC.