Malware targets all Android phones -- except those in Russia

Status
Not open for further replies.

Venustus

Level 59
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Dec 30, 2012
4,809
A malware program for Android seen advertised on Russian underground forums in the last few months appears to have made its first big debut.

MazarBOT can take full control of a phone and appears to be targeting online banking customers, wrote Peter Kruse, an IT security expert and founder of CSIS Security Group, based in Copenhagen, which does deep investigations into online crime for financial services companies.
CSIS saw a "swarm" of SMSes sent to random phone numbers in Denmark on Friday, Kruse wrote. The messages contained a link to an Android package file, which is MazarBOT.

The Onion Router. Tor is a network of distributed nodes that provide greater privacy by encrypting a person’s browsing traffic and routing that traffic through random proxy servers.

The malware then sends an SMS saying "Thank you" along with the device's location to a phone number with Iran's country code.

MazarBOT can exert a lot of control over a phone. It can open up a backdoor to monitor a device, send SMSes to premium rate numbers and read two-factor authentication codes sent by SMS.

The malware also has a remote debugging function, which Kruse wrote allows "for a variety of advanced attacks on the network" that a particular Android device uses.

"MazarBOT is pretty advanced and nasty Android malware," Kruse wrote. "Several factors indicate that it was designed as malware primarily targeting online banking customers. In fact, it will most likely succeed in circumventing most online banking protection solutions."

Source
 

Tony Cole

Level 27
Verified
May 11, 2014
1,639
It's Vladimir Putin getting us back. The West should stop playing dangerous games. It's amazing that all the dangerous malware comes from Russia, I wonder if Kaspersky is ever involved, after all Eugene is best friends with Putin.
 

Venustus

Level 59
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Dec 30, 2012
4,809
It's Vladimir Putin getting us back. The West should stop playing dangerous games. It's amazing that all the dangerous malware comes from Russia, I wonder if Kaspersky is ever involved, after all Eugene is best friends with Putin.
As is Symantec with the NSA!!;):)
The Russians have the best hackers followed closely by China!

PS: This is not meant to be a post with political overtones!!:)
 

hjlbx

Mobile device exploits - especially Android - are the wave of the future.

If you think PC-based IT security is difficult - you ain't seen nothin' yet.

The only thing that will help save us is the fact that the really big money will be had hacking PCs for the foreseeable future.
 

Cats-4_Owners-2

Level 39
Verified
Honorary Member
Top Poster
Well-known
Dec 4, 2013
2,800
I'm concerned over Google's ease of accessibility plus Android's vulnerabilities too. Whereas this very morning I was able to access neither MT nor Gmail, both of which utilize 2-step authentication that begins with Google sending my non-Smartphone an access code needed to log onto Gmail from where I additionally receive a 2nd login code to get onto MT.;) Unfortunately, having skipped recharging my month to month cellular, my Missus could not reach me from her phone (with Android) in order to inform me she would be late leaving her clinic because of a water failure issue. Luckily, I was able to access Gmail from our tablet, also with Android, and from there make my way to Google Voice where I could <text> Mrs. Cats, and later was also able to retrieve the code to access Malware Tips!!:):) Problems solved, right?o_O Well,:rolleyes: ...on one hand I am happy to be connected once more (via Gmail/Google Voice) thanks to the Android tablet's instantaneous logging onto Google which bypassed the bother of 2-step authorization. On the other hand,:oops: since I was able to find a shortcut in order to access my accounts to get around at least one of the 2-step verification(s) in order to get hold of the other, what's to stop someone shady with malicious intent from doing exactly the same thing particularly if they were to get hold of our Android tablet ..or :eek:my wife's Android phone?:confused:
Oi Vay!:mad: :rolleyes::D
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Indeed, expect that Android already provides full privileges, hence the kernel of Linux is not the problem but rather its components and vulnerability result of disruption to work.
 