New Android Malware Mazar BOT Can Spread Via Text Messages

By Lynn Palec / 1456131700
(Photo : Reuters) People wearing balaclavas are silhouetted as they pose with a laptops in front of a screen projected with the word cyber crime.

A new type of malware that spells trouble for Android devices was recently discovered. The malware called Mazar BOT can allow hackers to gain remote access to Android devices by simply sending a text message.

The Mazar BOT malware strain was first discovered by the Dutch security firm Heimdal Security. The security firm reported that devices affected by the Mazar BOT malware can be manipulated by hackers to make, send and receive text messages. Hackers can also remotely make phone calls, access the Internet and even completely wiping out the device's storage.

Hackers who use Mazar BOT to infect Android devices will first send a plain text message informing users that they are about to receive a multimedia message and instructs them to follow the link provided and download it.

Once the unsuspecting user taps the link, a malicious Android application package file or APK will be downloaded instead of the MMS message. The malware also downloads The Onion Router (TOR) browser which allows the hacker to anonymously surf the Internet and send data from the device to a receiving computer through a completely untraceable network.

The Mazar BOT also creates a backdoor pass on the infected device. This backdoor can be used by hackers to remotely access or monitor the infected device anytime.

Since Mazar BOT gives hackers complete control of the device, including administrator permissions, they can send premium SMS texts or create phone calls in order to run up the user's phone bill. By remotely accessing the user's SMS inbox, hackers can read identification codes sent to the user as part of the two-factor authentication protocol.

Mazar BOT is just one part of the problem. Security experts reveal that through Mazar BOT, hackers can setup a Polipo proxy which malicious users can use to initiate a man-in-the-middle attack.

In a statement acquired by News Factor, Heimdal security specialist Andra Zahara said, "Attackers may be testing this new type of Android Malware to see how they can improve their tactics and reach their final goals, which probably is making more money."

According to the BBC, despite the sophisticated attack mechanism employed by Mazar BOT, the malware cannot infect smartphones whose default language is Russian.