This article is part of our Essential Guide: Antimalware tools and techniques security pros need right now

How does the Mazar malware take control of Android devices?

The Mazar malware can wipe an entire Android device once it has been installed. Expert Nick Lewis explains how this malware works, and how attacks can be prevented.

An Android bot called Mazar can reportedly give attackers control over Android devices and even wipe them completely. How does this Android bot work, and what precautions should users take?

Heimdal Security blogged about an uncommon Android malware named Mazar, which was previously observed only on the dark web and is now showing up in what appears to be an active attack. Threat intelligence firm Recorded Future also blogged about Mazar's attack on the Russian bank Sberbank. The Mazar malware appears to target text messages and web-based applications, potentially to steal two-factor authentication codes or web-based banking applications.

The Mazar malware propagates via SMS messages containing malicious links that entice the recipient to click. Once the user clicks the link, he is prompted to install the malicious APK file, and he must press the Install button for the malware to be installed. Once installed, the Mazar malware has full access to the system. It sends an SMS message registering that it was installed, and then installs a web proxy. At this point, the malware can do anything to the system. A user who doesn't click on the malicious URL, or doesn't click Install, can avoid the Mazar malware. The malware is also configured not to attack systems with the Russian language option.

While the Mazar malware is relatively low risk based on the limited number of targets, enterprises should ensure they have the standard precautions in their information security programs. This includes security awareness around safe smartphone usage, such as not installing applications from SMS messages and maintaining a cautious attitude. Enterprises should have some sort of mobile device management system that includes antimalware protection and security options like not allowing applications to be installed from unknown sources.
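The delivery step described above (an SMS link that leads to an APK install prompt) can be screened for on a messaging gateway or in exported SMS logs. The following is an added example, not code from the article or from any vendor it mentions; the function names, phone numbers and URLs are constructed placeholders.

```python
import re
from urllib.parse import urlsplit, unquote

# Matches http(s) URLs up to the next whitespace or quote character.
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def extract_urls(text):
    """Return URLs found in an SMS body, minus trailing sentence punctuation."""
    return [u.rstrip(".,;:!?)") for u in URL_RE.findall(text)]

def is_apk_link(url):
    """True when the URL path (not the query string) names an .apk file."""
    path = unquote(urlsplit(url).path)  # decode %2E etc. before comparing
    return path.lower().endswith(".apk")

def triage(messages):
    """Return (sender, url) pairs for every SMS link that points at an APK."""
    hits = []
    for sender, body in messages:
        for url in extract_urls(body):
            if is_apk_link(url):
                hits.append((sender, url))
    return hits

# Constructed sample messages; senders and URLs are placeholders.
SAMPLE_SMS = [
    ("+10000000001", "New voicemail, listen here: http://vm.example.net/get/player.apk today"),
    ("+10000000002", "Your parcel is ready: https://track.example.org/p?id=4411"),
    ("+10000000003", "Update now: HTTPS://cdn.example.com/files/Update%2EAPK?src=sms."),
    ("+10000000004", "Docs about apk signing: https://docs.example.com/apk/signing"),
]

if __name__ == "__main__":
    for sender, url in triage(SAMPLE_SMS):
        print(f"flag {sender}: {url}")
```

A link that reaches the APK through a redirect or URL shortener is not caught by this check, so it complements rather than replaces blocking installs from unknown sources.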


This was last published in July 2016


What has your enterprise's experience been with Android malware such as Mazar?
I have not had any issues. Then again, I'm not what you would call a power user of mobile devices so my risk level is small.