Beware: ‘Mazar BOT’ Android Malware Spreads Via SMS, Can Wipe All Of Your Data

Security vulnerability on smartphones is more synonymous with Android than any other platform, and a new string of malware targeting it seems to reinforce that sentiment. Discovered by a Danish security firm, Mazar BOT is the newest malware in town that can gain admin rights on your phone and subsequently take control of it.

According to Heimdal Security, the company that discovered Mazar BOT, the said exploit is being spread via SMS text messages and as per its estimations has already been sent to over 100,000 Android phones in Denmark alone. Whether or not users in other countries have received any such texts is unclear at this moment, but what is worrying is the admin privileges which the malware can gain.


If the Android device receiving this malicious text has the “Unknown sources” option enabled in Settings – which allows for installation of apps from untrusted sources – then Mazar BOT is capable of finding its way onto the compromised phone and place phone calls, read texts, and even wipe all of the data on phone clean at will.

The malicious SMS being received is reportedly carrying a link masking it as a multimedia message, which when opened leads to downloading of a Tor software on the phone and forms an anonymous connections to it through which the Mazar BOT malware is actually downloaded. The malware can also inject itself into the Chrome web browser on the device.


Once the malware is installed “an automated SMS will be sent to the number 9876543210 (+98 is the country code for Iran) with the text message: “Thank you”. The catch is that this SMS also includes the device’s location data.”

Interestingly enough, it has been discovered that devices set with Russian as the choice of OS language are pretty much invincible to Mazar BOT. According to Heimdal, this isn’t exactly a new development as such limitations have also been observed with some PC malwares in the past. That is part of the reason why it is being believed that the Mazar BOT malware has been created by a Russian group of cyber-criminals.

Heimdal is advising that in order to keep yourself safe from Mazar BOT, you should be careful while clicking on links received in text messages, make use of a VPN software to protect your privacy at all times, and most importantly, to make sure that the “Unknown Sources” option in your phone’s Settings is turned off.

(Source: Heimdal Security)

You can follow us on Twitter, add us to your circle on Google+ or like our Facebook page to keep yourself updated on all the latest from Microsoft, Google, Apple and the Web.