WhatsApp users being malware'd through phished messages
The malware was discovered by Danish security firm Heimdal who claims that apart from deleting your phone's content, the malware can also send our rogue calls or texts to other phones.
Mazar gets introduced to Android phones through an incoming text which contains a link to a multimedia message. The text reads: "You have received a multimedia message from +[country code] [sender number]. Follow the link http://www.mmsforyou[.]net/mms.apk to view the message."
Google kicks out 13 malicious apps from Play Store
The multimedia message covertly downloads a software named Tor to the unsuspecting recipient's Android phone. Via Tor, which is also known as the dark web, Mazar is downloaded which then takes control of admin rights of the phones.
Apart from obtaining your phone's location, hackers can use Mazar malware to make calls to premium numbers to inflate your bills, copy and read your incoming and outgoing texts which include one-time passwords used by banking apps as part of their two-factor authentication mechanisms as well as install Polipo proxy through which they can act as a gateway between your phone and any web-based service.
This malware can change your Android phone's PIN!
To ensure that Android phone users are taking appropriate steps to ensure that their phones or their privacy aren't compromised, Heimdal has come up with a few tips on keeping your phone safe from lethal malware:
1. Never click on links in SMS or MMS messages in your phone
2. Turn off the option in your phone's security settings that allows installation of apps from other sources other than the Google Play Store.
3. Never connect to unsecured public Wi-Fi networks
4. Install and constantly use a VPN on your phone
5. Stay careful and alert as adoption rate of Android latest security protocols is low.