Android phone users have been warned not to open a text message – which can hand hackers total control over a device.
The message – spotted by security experts Heimdal – contains a link to an application, which allows hackers to erase devices, send SMS, and make calls.
The text message says, ‘You have received a multimedia message from +[country code] [sender number] Follow the link http:www.mmsforyou [.] Net /mms.apk to view the message.
The application installs the application Tor and then sends an automated text message to a number in Iran saying, ‘Thank you’.
Heimdal warns, ‘Attackers can open a backdoor into Android smartphones, to monitor and control them as they please, read SMS messages, which means they can also read authentication codes sent as part of two-factor authentication mechanisms, used also by online banking apps and ecommerce websites, and use their full access to Android phones to basically manipulate the device to do whatever they want.’
Users are warned not to open suspicious-looking text messages, and to use security software on Android devices.
Heimdal says, ‘First of all, NEVER click on links in SMS or MMS messages on your phone. Android phones are notoriously vulnerable and current security product dedicated to this OS are not nearly as effective as they are on computers.’