Malware Targets All Android Phones — Except Those In Russia

itwbennett writes: MazarBOT, a malware program that can take full control of Android phones, appears to be targeting online bank accounts. The malware has been seen advertised on Russian underground forums in the last few months and surfaced over the weekend. '[On] Friday, a swarm of SMSs were sent to random phone numbers in Denmark and likely elsewhere. The content of the SMS had the purpose of luring the recipient into clicking the provided link, which would serve up a malicious APK,' wrote Peter Kruse, an IT security expert and founder of CSIS Security Group. One interesting feature: 'MazarBOT will stop installing itself if it detects an Android device that is running within Russia,' writes Jeremy Kirk.

Re:How is this even a thing?

[Killall+-9+Bash]

Ever root your android phone? Because unless you really REALLY know what you're doing, you're just downloading things and following instructions (which is why I'm not bothering to root mine).

People who root their phones are doing exactly this, although with (allegedly) non-malware payload.

Re:How is this even a thing?

[CaptSlaq]

Firstly, the link in the article above takes you to a site which has nothing at all in it about Android malware. It's completely about Linux malware that's injected via Windows machines. So what the hell is it doing in the article as the primary link? Then, if I understand correctly (based on the summary alone - because, you know, the primary linked article is clearly completely wrong), you'd need to: 1. Get an SMS with a link in it. 2. Click the link. 3. Get redirected to a website (which Chrome doesn't block). 4. Download an APK from that site. 5. Attempt to sideload it. 6. Realise you can't sideload it without disabling default security options (because the second link does indeed say that the user needs to manually install the APK). 7. Go disable default security options. 8. Sideload the APK. WHO THE FUCK FALLS FOR THIS SHIT?!?! Seriously? How the hell do people successfully find idiots who will do that kind of thing?

Amazon is already priming the pump for this: Underground and Prime video require sideloading.

Re:This is why I own an iPhone

[MobileTatsu-NJG]

Pftbtbt... this isn't real malware because it requires side-loading, and everyone knows that's super dangerous so you should only use the wall^H^H^H^H store. Let's meet over in the next thread so I can tell you about how awesome Android is because you can sideload apps!