Flurry Journal


Mazar: Malware Affecting Android Devices

The dark web has always harbored some of the most lethal software tools available on the planet. Among all the malware coming from deep web sites, Mazar has become a constant staple and has been going around the marketplace for two years now.

What is Mazar?

Mazar is a deadly malware. What makes it even more dangerous is that it attacks Android devices and is easily delivered through SMS. Today, Android is one of the primary operating systems, along with iOS, running on most smartphones across the globe. Android is also known to be susceptible to malware and security vulnerabilities, unlike its counterpart iOS.

How does this malware work?

Mazar’s primary function is to give the attacker admin privileges on the device. The malware spreads through SMS and MMS messages.

Once the message containing the malware is opened, the malware installs a program on the Android device. This program locks the user out of the system and gives admin privileges and permissions to the attacker. The attacker can then use the phone’s core functionality for his or her own purposes (making phone calls, sending messages, downloading files, etc.).

According to the security company Heimdal, Mazar installs a program and Tor onto the Android device, which then connects to an unknown server address. The program then reports back the location of the device. Interestingly, the malware itself does not come with the message, and hence it is not detected by mobile antivirus software. The message contains a link which, when clicked, installs the malware APK via Tor. By doing this, the source of the malware remains anonymous.

Another interesting fact is that the malware does not affect devices that have Russian set as their primary language, which more than hints at the nationality and affiliation of the creators of Mazar. This malware is on sale on the dark web.

Avoiding the malware

Given the limited ways in which Mazar can spread and affect Android devices, it can be deemed a relatively low-risk malware today. That said, it is easy to avoid Mazar if you are a little vigilant and careful. Nonetheless, it has a devastating effect if your device gets infected.

One of the steps you can take to avoid Mazar is to disable the option of third-party APK installs on your device. The malware is downloaded via Tor, so having this setting disabled will stop its downloading.

It is also of utmost importance that you stay careful and vigilant about any SMS or MMS message coming from an untrusted source. Setting the phone’s language to Russian is another way to repel Mazar, if that is your only concern. This would not be practical for people who do not understand Russian.
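The advice above about links in messages from untrusted senders can be turned into a simple triage rule. The following is an added example, not code from Heimdal or from the original post: it flags messages whose links point at an APK file, and the sender list, message fields and sample inbox are constructed assumptions rather than real Mazar indicators.

```python
import re
from urllib.parse import urlparse

# Constructed sample data: senders, message bodies and URLs are invented.
TRUSTED_SENDERS = {"+4520000001"}          # hypothetical contact list
SAMPLE_INBOX = [
    {"sender": "+45 20 00 00 01", "body": "Dinner at 7? Menu: https://example.com/menu"},
    {"sender": "+4590000099", "body": "You have an MMS, view it at http://example.net/mms.apk."},
    {"sender": "+4590000098", "body": "Update now: HTTP://example.org/get/App.APK?id=7"},
    {"sender": "+4590000097", "body": "Parcel delayed, track at https://example.org/t/123"},
    {"sender": "+4590000096", "body": "Call me when you land"},
]

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def normalize_sender(sender):
    """Drop spaces, dashes and brackets so formatted numbers compare equal."""
    return re.sub(r"[\s\-()]", "", sender)


def extract_urls(body):
    """Return the URLs in a message body, minus trailing sentence punctuation."""
    return [u.rstrip(".,;:!?)") for u in URL_RE.findall(body)]


def links_to_apk(url):
    """True if the URL path ends in .apk; query strings and case are ignored."""
    return urlparse(url).path.lower().endswith(".apk")


def triage(message, trusted=frozenset(TRUSTED_SENDERS)):
    """Return 'ok', 'review' or 'block' for one SMS/MMS message."""
    urls = extract_urls(message["body"])
    if not urls:
        return "ok"                      # no link, nothing to click
    known = normalize_sender(message["sender"]) in trusted
    if any(links_to_apk(u) for u in urls):
        return "review" if known else "block"
    return "ok" if known else "review"   # plain link from an unknown sender


def triage_inbox(inbox):
    return [triage(m) for m in inbox]


if __name__ == "__main__":
    for msg, verdict in zip(SAMPLE_INBOX, triage_inbox(SAMPLE_INBOX)):
        print(f"{verdict:6} {msg['sender']:16} {msg['body']}")
```

This is a heuristic only: a link that redirects to an APK without `.apk` in its own path reaches `review` at most, so it complements the third-party install setting rather than replacing it.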

The spread of the malware is limited to only one channel, as it is difficult for the attackers to place the links anywhere else that Android devices can reach.

These factors have greatly hindered the spread of Mazar, and as such, there have been no reported major attacks except one instance in Denmark in 2016.

Staying vigilant

Just because the malware is easy to avoid does not warrant reckless and ignorant behavior. Users and organizations should have proper contingencies and security precautions to tackle this situation, like appropriate access and control settings and mobile antivirus solutions.

Most financial services are now provided through smartphones, so it is really important to safeguard your mobile banking from malware and illegal activities. An attacker who succeeds in gaining access to your device can use your personal and financial records to withdraw money from your account or even sell your information on the dark net, where the value of such stolen data is always high. Mazar is an old malware, but it is still dangerous if one does not remain vigilant and careful. For the latest information about the deep web or dark web, see https://www.deepwebsiteslinks.com/
