A new Android Trojan dubbed "NotCompatible" is being spread through compromised Web sites. This may directly affect Android tablets and smartphones, along with being a potential risk hazard to corporate networks and their security.
Kevin Mahaffrey is co-founder and CTO of a San Francisco based firm called Lookout Security. The main focus of the company is Android and during their investigations it was found there was a new malware out there. Called “NotCompatible” the Android malware is, according to Mahaffrey, a risk to corporate networks.
According to their report, a hacked Web site would contain a hidden iFrame at the bottom of the page. When the Android browser loads the page, it will attempt to load the file in the hidden iFrame. Upon loading the file, the browser would transfer control to the app loader, which would display an application installation screen, with the header com.Security.Update. An unsuspecting user might install the app, and thus infect their Android device.
Fortunately, the malware isn’t very stealthy. Mobile malware threats are not as widespread as those targeting PCs. Criminal hackers are experimenting with different business models for mobile devices, such as tricking users into subscribing to pay-text-message services that the criminals control.
Android app security holes have long been a concern because of the mobile operating system's more open architecture and the app market's less stringent standards for developers than others such as Apple's iOS or Research In Motion's BlackBerry OS.Earlier this year, Google said it was using a service called Bouncer that automatically polices its app market and takes down offenders before they strike.
Mahaffey, who studied Internet browsing data from Android gadgets to draw his conclusions, said an attacker could latch on to a business or government network if an employee whose Android device has been infected with NotCompatible accessed their corporate information via Wi-Fi.
With over 600 million Android devices in the world, the purveyors of malware will always be seeking ways to infect your Android device. The worst kind of update you can download to your machine is one that you didn’t ask for and don’t know where it comes from.