New Android malware can wipe your phone and your bank account

Don't tap untrusted links in SMS messages. Photo: Killian Bell/Cult of Android

Don’t tap untrusted links in SMS messages. Photo: Killian Bell/Cult of Android

A new Android malware dubbed “Mazar,” which is being spread by SMS, is capable of wiping all of your personal data, making calls, and reading your text messages.

Detected by a Danish security firm, the malware is thought to have been distributed to more than 100,000 phones in Denmark alone so far.

Security firm Heimdal thinks this is the first time Mazar has been detected in “widespread, real world attacks,” reports BBC News. In the examples it studied, users received innocent-looking SMS that contained a link to a multimedia message.

That link reportedly downloads Tor, a browser that enabled anonymous connections, then downloads the malware through this browser. It’s thought this is an effort to keep the source of the software a secret.

Strangely, the malware cannot be installed on handsets that are set to use the Russian language. You’re also safe if your device is set to block installations from unknown sources. Allow this, however, and you could be at risk.

“Infected phones are at risk from a range of threats – from attackers secretly monitoring devices to reading a user’s texts or even erasing all personal data from the handset,” adds the BBC.

The software can also call or text premium rate numbers, which means could mean you end up handing money over to the hackers via your phone bill. If this happens, there’s very little you can do about it; most carriers are unwilling to help.

Mazar was tested on phones running Android 4.4 KitKat. It’s thought earlier versions of the software will also be vulnerable to the same code, but it’s unclear whether later releases — Lollipop and Marshmallow — are immune to it.

Heimdal recommends that you don’t click links in SMS messages that you do not trust — even if it appears to be from a known contact, since this can be spoofed. Confirm the link is safe before opening it.