Site   Web

March 10, 2016

The Trouble with Texts: New Text Virus Hits Europe

Photo Credit: virii001 by .hj barraza Licensed under CC BY-SA 2.0

computer virus, until recently, was contracted by clicking on a link or an ad that caused you to download a piece of malicious code otherwise known as malware. If you were lucky, your system’s anti-malware program picked it up and eliminated it before it could do any real harm. If you were not, then your hard drive was corrupted to the point where it either slowed to a crawl, popped up hundreds of ads, or froze up completely. So news of a new virus would seem to be no news at all. Except that in this case, Android phones in Europe have been infected via text messaging with a new virus called Mazar. Once installed, this malware redirects all web traffic on the infected smartphone through a proxy that allows cybercriminals to harvest personal and financial information from victims. While the virus has not yet spread across the Atlantic, it is only a matter of time.


Courtesy of

Something is Rotten in Denmark

It all began quite innocently in Denmark, when Danish citizens with Android phones started receiving what looked like text messages that went something like this, “You have received a multimedia message from xxxxxxx.”  Follow this link to view the message.”



Courtesy of

What would you do if you received such a message from a phony friend or family member.  Would you hesitate to click on the link?  More than 100,000 Danes clicked, only to have their smartphones infected with malware that allowed cybercriminals to read, respond to and/or erase messages contained on the device.  Plus, the malware gave the perpetrators administrator privileges that also gave them the ability to lock the phone, redirect all internet searches to a proxy server that they controlled, and activate the phone’s webcam, or even wipe a phone clean, among other nefarious activities.

Just Say Nyet



Courtesy of

And, once infected, the first thing the hackers did was rifle the e-mail addresses of every contact contained on the device.  These addresses would then be used to send texts to everyone on the purloined phone.  This would then spread the virus far and wide.  Surprisingly, I read several newsfeeds that reported the virus was set to avoid infecting smartphones whose language was set to Russian.  Whether this was due to the fact that the hackers were Russian was never ascertained.  Suffice it to say that unless you want to brush up on your Cyrillic alphabet, this method of avoiding Mazar is not of much use to the population at large.

Although MazarBOT is quite a new peril to Android users, it is not unprecedented.  In a Yahoo Tech blog published in April, 2015, the online security firm Symantec reported that,  “17 percent of all Android apps (nearly one million total) were actually malware in disguise.” In 2013, Symantec uncovered roughly 700,000 virus-laden apps.


Courtesy of

More than one third of all apps were what Symantec calls “grayware” or “madware” — mobile software whose primary purpose is to bombard you with ads.The company also discovered the first example of mobile crypto-ransomware – software that encrypts your data and holds it hostage until you pay ransom for it.”

The report also indicates Android users from downloading apps from anyplace other than a trusted vendor, such as Google Play.  But as I have pointed out in previous blogs, even Google Play is not invulnerable to serving up apps laced with madware or malware.  Ultimately, the onus is on the user to make sure that their devices are secure and that all apps are thoroughly vetted before they are downloaded.

Malware Takes a Byte out of Apple

Apple users can also be hit by malware.  In 2012, a security hole in Java allowed more than 600,000 Macs to be controlled by a ‘botnet-spawned by the Flashback Trojan.’

Even iPhones have their issues, as reported in a January 2016 blog on entitled, “iPhone Virus: How to Deal with It.”

A lot of these malware apps were also designed in such a way that scammers are able to fish for and gain access to the users’ personal information. Most of the time, the users most affected by these malware apps are those who use devices are running on either Microsoft Windows or Android platforms.

It’s rear to hear that an Apple user found a malware app on their device. It not unheard of, but it is rare. Then again there are those unfortunate few: Apple users whose devices, for some reason, have contracted malwares through their browsers.

Just a few months ago, Apple has announced that it removed dozens of apps from the App Store after detecting that malware were masked and inserted into some of the apps downloadable from the App Store. The malwares reportedly made their way to the App Store through a fake version of Apple’s XcodeGhost, which program developers use to write codesfor their apps. Security experts believe the breech was made when Chinese developers unknowingly downloaded and used the fake version of XcodeGhost after bypassing Apple’s security system.

Before this discovery, however, only a total of five apps out of over 1.5 million were found to have malwares in them. This means that Apple’s security system is still one of the most secure in the world.


Courtesy of

You’re the Last Line of Defense
That last line does not mean much if your iPhone has succumbed to an infected app or text.  If anything, Android users have become cagier, since they know their devices are vulnerable.  Now Apple users are starting to realize that no device is invulnerable.

Still, there are a number of things that Android users can do to protect themselves:

  1. Install antivirus software – Contrary to popular opinion, Smartphones aren’t phones at all. They are computers that can be cracked and hacked the same as any PC, laptop or tablet.
  2. Be wary of using public Wi-Fi nodes since these are breeding grounds for malware.
  3. Thoroughly vet any app you intend on installing.
  4. Open your default messaging app and make sure that you disable the setting that automatically retrieves multi-media messages. (You can do this by going into your phone’s settings, select the “more” item under the Wireless & Networks section and look for “Default messaging app” Select the “more” item under the Networks section and deselect the option for auto-retrieval.)


Also, do not open any attachments you receive even from family and friends, unless you call them (believe it or not, your Android phone can do this) and ask them if they sent you the attachment.  More importantly, if they act as though they do not know what you are talking about, inform them that in all likelihood their system has been compromised and all their friends and family need to be warned that they should not open any attachments purportedly coming from them.

Just as when fighting a viral pathogen like Ebola, the only way to prevent the spread of a disease is by stopping the outbreak at its source.  In this day and age, that’s what it takes to have safe text.


Carl Weiss has been working the web to win since 1995 and has helped hundreds of companies increase their online results. He is president of W Squared Media and co-host of the weekly radio show Working the Web to Win which airs Tuesdays at 4pm Eastern on Click here to get his latest book "Working The Web to Win: When it comes to online marketing, you can't win, if you don't know how to play the game!".