Android users are being warned to beware a text message that could wreak havoc with their Android phone.
The text message contains a link to an APK (Android Application Package) that, if installed, gives the people behind the malware administrator rights to the victim’s device. With those rights the attackers can send SMS messages from your phone, access your internet browser, make calls, read your text messages (and hence read authentication codes sent as part of the two-factor authentication mechanisms used by online banking sites) and erase everything on your device.
So not good.
The text message in question – via Heimdal Security Blog – looks like this (with some details redacted): “You have received a multimedia message from +[country code] [sender number] Follow the link http:www.mmsforyou [.] Net /mms.apk to view the message.”
The malicious APK has been identified as the Mazar Android Bot. It was previously seen in another guise in November of last year.
It works by installing Tor on your phone, then unpacking and running it in order to connect to a server. It then sends a text message that reads simply “Thank you”. But this SMS includes your device’s location data.
Strangely, the APK won’t run on Android phones using the Russian language option.
So what do the experts advise? You should never click links in SMS or MMS messages. Go to Settings > Security and make sure the Unknown Sources option is turned off – this will stop your phone installing apps from anywhere other than Google Play. You shouldn’t use unknown and unsecured Wi-Fi hotspots, and you should install a VPN and an antivirus app on your phone.
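For anyone filtering SMS traffic on behalf of users (for example at a messaging gateway), the lure quoted above can be caught by flagging any message that links to an .apk file, even when the link is mangled or defanged. This is an added example, not code from the article or from Heimdal Security; the function name `find_apk_links` is hypothetical and the second and third sample messages are constructed.

```python
import re
from urllib.parse import urlsplit

# Undo the defanging/mangling seen in reported lures before extracting URLs.
_NORMALISE = [
    (re.compile(r"\s*\[\s*\.\s*\]\s*"), "."),               # "host [.] net" -> "host.net"
    (re.compile(r"\bhxxp", re.I), "http"),                  # "hxxp://"      -> "http://"
    (re.compile(r"\b(https?):[\s/]*", re.I), r"\1://"),     # "http:www"     -> "http://www"
    (re.compile(r"(\.[A-Za-z]{2,24})\s+/(?=\S)"), r"\1/"),  # "host.net /x"  -> "host.net/x"
]
_URL = re.compile(r"https?://[^\s<>\"]+", re.I)


def find_apk_links(sms_text):
    """Return (host, path) for every link in the SMS whose path ends in .apk."""
    text = sms_text
    for pattern, repl in _NORMALISE:
        text = pattern.sub(repl, text)
    hits = []
    for raw in _URL.findall(text):
        try:
            parts = urlsplit(raw)
        except ValueError:  # e.g. a stray "[" parsed as a bad IPv6 literal
            continue
        path = parts.path.rstrip(".,;:!?)")  # drop sentence punctuation
        if parts.hostname and path.lower().endswith(".apk"):
            hits.append((parts.hostname, path))
    return hits


# The lure text quoted in the article, plus two constructed messages.
SAMPLES = [
    "You have received a multimedia message from +[country code] [sender number] "
    "Follow the link http:www.mmsforyou [.] Net /mms.apk to view the message.",
    "Constructed: install hxxp://files.example[.]org/app/Update.APK?x=1.",
    "Constructed: your parcel is on its way, track it at https://example.com/track?id=123",
]

if __name__ == "__main__":
    for sms in SAMPLES:
        links = find_apk_links(sms)
        print("BLOCK" if links else "allow", links)
```

The function returns host and path separately rather than a reassembled URL, so nothing clickable ends up in logs or alerts.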