We have seen many malwares affecting the Android ecosystem & Google releasing security patches for them . Some OEMs also release regular security patches in order to fight with these malwares.
Now as per a report from Danish security firm Heimdal, they have discovered a new Android Malware named Mazar which can cause erase of full data in your Android phone. This can be done with just a single text message to your phone which will be converted to a multimedia message when you open. This also gains administrator permissions such as SEND_SMS, RECEIVE_BOOT_COMPLETED, INTERNET, SYSTEM_ALERT_WINDOW, WRITE_SMS, ACCESS_NETWORK_STATE, WAKE_LOCK, GET_TASKS, CALL_PHONE, RECEIVE_SMS, READ_PHONE_STATE, READ_SMS, ERASE_PHONE.
The SMS / MMS in question arrives with the following contents (sanitized by Heimdal Security):
You have received a multimedia message from +[country code] [sender number] Follow the link http: //www.mmsforyou [.] Net / mms.apk to view the message.
If the APK (which is a program file for Android) is run on an Android-powered smartphone, then it will gain administrator rights on the victim’s device. This will allow the attackers to:
How to protect yourself against these malwares:
- NEVER click on links in SMS or MMS messages on your phone.
- Go to Settings > Security and make sure this option(Unknown Sources) is turned OFF.
- Install a top class antivirus for Android.
- Do not connect to unknown and unsecured Wi-Fi hotspots.
- Install a VPN on your smartphone and use constantly as it is very good for privacy & security purpose.
- Try be cautious all the time about your phone & personal date a in it.