Pinterest Stumbleupon Whatsapp
Ads by Google

A new piece of Android malware Android Malware Has Increased 472 Percent Since July [News] Android Malware Has Increased 472 Percent Since July [News] Malware threats against phones were once few and far between, but anyone being honest with themselves knew that it was just a matter of time before hackers went after them in force. Now, Android is... Read More called NotCompatible is attempting to spread itself by attacking Android users who visit hacked websites What To Do If Your Website Or Blog Has Been Hacked What To Do If Your Website Or Blog Has Been Hacked Everyone wants to think that they won’t be hacked. Usually, they’re wrong. You don’t need to tempt fate by insulting Anonymous or documenting a particularly lulz-worthy obsession. Some hackers try to crack into websites at... Read More . Android owners are advised to remain vigilant against these attacks.

The malware is notable because it marks the first time this kind of attack is known to have been used against Android devices in the wild. The way it works is simple. A hacked website hosts a malicious app, which is then transmitted to every Android handset that visits the site. It’s a tactic that’s been used against PCs for years but is now making the transition to mobile devices.

Fortunately, Android’s built-in security does a decent job of thwarting the attack. Because apps require permissions the usual permission screen will appear when the malware tries to install itself. Users who have not chosen to allow the installation of unofficial apps won’t be able to complete the installation even if they accept the app.

Still, there is some threat. When the malware appears it poses as a security update and declares a limited number of permissions. This may lure some users into thinking that it’s harmless or even a valid system update. False-flag attacks like this rely on mass distribution. Their creators know most people won’t fall for it – but some small number will.

The app is a trojan, but the payload and/or purpose is unknown. It connects to a command and control server but then does nothing. Of course, the server can send new instructions at any time, and likely will at some point in the future.

Ads by Google

Source: Ars Technica via The Lookout Blog

  1. Pavel Kungurtsev
    May 16, 2012 at 5:58 pm

    There are some apps with ads on google play that advertise push-notifications with "updates" simulating google play page with flash player update or opera browser update (which, of course is malware)

Leave a Reply

Your email address will not be published. Required fields are marked *