Europe is faced with a new virus that is hitting Android phones. It was discovered by Heimdal Security. The virus is called Mazar and it spreads through texts. Once it is installed, it will forward all web traffic through a malicious proxy that allows attackers to reap sensitive details from the web activity of the user.
Heimdal told BBC the malware has currently been sent out to more than 100,000 phones in Denmark, although it is next to impossible to determine how far Mazar has spread from that point. It is important to mention that the virus is designed to avoid all phones with the language set to Russian. IT is thought this may be as a gesture to pacify Russian police.
The app depends on numerous bad security practices for it to be able to spread. The virus arrives in a SMS message, and if the user simply refuses to follow the link in the message they will remain safe. Even if you click the link, the virus doesn’t install unless you let software that resides outside the Google Play Store to install, which most security guides warn against. The effects have only been verified for phones running Kit Kat versions of Android, but it is likely older models would also be affected.
Still, it does not seem to slow down the Mazar virus, or help the security firms trying to catch it. According to a scan on VirusTotal, just 3 of the top 54 virus databases detected the Mazar virus on a scan. Heimdal has now gone public with its results, so we hope to see that number start to go up.