New form of Android Malware that is spread via text messages appears in Europe

europe, malware, virus, denmark, mazar, heimdal, heimdal security

A new form of Android malware has appeared in Europe that is being spread via SMS messages. Danish company Heimdal Security, which uncovered Mazar BOT, told theBBC that it has already spread to 100,000 devices in Denmark, although it’s not clear how far it’s reached beyond the county’s borders.

The SMS messages in question contain a link, claiming to be a multimedia message, that when clicked will prompt users to download a malicious Android application package (APK) called ‘MMS Message.’

The text messages generally look like this: ‘You have received a multimedia message from +[country code] [sender number] Follow the link http:www.mmsforyou [.] Net /mms.apk to view the message.’

Once installed, Mazar gains administrator rights that allow attackers to do whatever they want with the phone, including reading text messages or sending them to premium channel numbers, monitor calls, root the phone, and even erase all the data stored on the device. It also uses TOR for communication.

“Attackers can open a backdoor into Android smartphones, to monitor and control them as they please, read SMS messages, which means they can also read authentication codes sent as part of two-factor authentication mechanisms, used also by online banking apps and ecommerce websites, and use their full access to Android phones to basically manipulate the device to do whatever they want,” warned Heimdal

The company has only tested devices running Android Kit Kat, but it says older versions will likely be at risk as well. Phones with the latest versions of the OS haven’t been tested.

One of the interesting things about Mazar is that it won’t install itself on an Android smartphone that has Russian selected as the operating system’s language. The malware has been advertised on the Dark Web for a while, but this is the first time it’s been used in active attacks.

Despite Mazar requiring people to click on the SMS link and allow software from outside the Play Store to be installed on their device, it is still spreading. As a warning to less tech-savvy users, Heimdal said: “First of all, NEVER click on links in SMS or MMS messages on your phone. Android phones are notoriously vulnerable and current security product dedicated to this OS are not nearly as effective as they are on computers.”

Three becomes the first mobile carrier in Europe to block ads at network level

europe, ads, advertising, ad blocking, three, network-level ad blocking, shine, three uk, three italy

Mobile operator Three has announced that it will become the first major carrier in Europe to block ads at a network level. The move will no doubt upset ad companies, as well as the many digital publishers who rely on the revenue that ads generate.

Three UK and Three Italy have signed a deal with Shine, an Israeli company that specializes in blocking mobile advertising. If it is successful, the technology will expand to other Three markets across the globe.

Three says that it isn’t looking to eliminate all mobile advertising, rather it wants to give its customers more control over what they see. The company has outlined three goals it hopes to achieve by using Shine’s technology:

  • Customers should not pay data charges to receive adverts. These are costs that should come from the advertiser.
  • Customers’ privacy and security must be fully protected. Some advertisers use mobile ads to extract and exploit data about customers without their knowledge or consent.
  • Customers should receive adverts relevant to them, and not “have their data experience in mobile degraded by excessive, intrusive, unwanted or irrelevant adverts.”

It’s not clear how Three will meet all these goals, especially when it comes to asking advertisers to pay data charges, but it said it will reveal more details soon.

“Over the coming months Three will announce full details of how it will achieve these objectives and will work with Shine Technologies and the advertising community to deliver a better, more targeted and more transparent mobile ad experience to customers,” says a Three spokesperson.

Jamaica-based operator Digicel became the first to use Shine’s ad-blocking technology in September last year. Shine has said it plans to offer its services to more European carriers throughout this year, and the company has its sights set on the US market.

“Irrelevant and excessive mobile ads annoy customers and affect their overall network experience,” said Tom Malleschitz, chief marketing officer at Three UK. “We don’t believe customers should have to pay for data usage driven by mobile ads. The industry has to work together to give customers mobile ads they want and benefit from.These goals will give customers choice and significantly improve their ad experience.”