There is an ever increasing number of mobile devices being connected to the Internet now, but with this the number of threats to our smartphones and tablets grows with it, and now there are hacked websites targeting Android devices with a new Android Trojan called NotCompatible that is gaining illicit excess.
The problem has been reported on the official Lookout Blog, and normally hacked websites are used to attack PCs with malware, but now these hacked websites are being used to target mobile devices. This latest attack works when a user visits a compromised website via an Android device, and the web browser will then automatically start to download an application, which is more commonly known as a drive by download.
Once the rogue application has finished downloading the device will then ask the user to click on a notification to install the downloaded app. To actually install the app on a device it must have the ‘Unknown sources’ setting switched on; otherwise the installation will be blocked.
It seems that the amount of websites that have been affected could be numerous, but research has found that these sites have relativity low traffic with the impact to Android users pretty low as well. The Lookout team has found that NotCompatible works as a simple TCP relay/proxy while posing as a system update, but currently the malware isn’t harming target devices. It could though eventually be used to gain illicit access to private networks by turning a device that is infected into a proxy.
Android users should lookout for automatic downloads of the NotCompatible application that is called ‘Update.apk’. It seems also that Android owners that are currently using Lookout products are protected from drive by downloads, when the features File System Monitoring and Install Monitoring are active. Users are alerted to known threats if they are downloaded to a handsets storage like the downloads folder found on an SD card, and just before they are installed via sideloading.
Do you have security software installed on your Android device?