Saturday, May 19, 2012

New Android malware spreads on mobile devices

If you are an Android smartphone user or tablet user, beware.

According to Lookout, a smartphone security company, you are now facing another malware threat called NotCompatible. This new trick up malicious programmers’ sleeves, spreads malware through infected or hacked/compromised websites.


Screenshot from mylookout.com

How the malware works

When the you visit a compromised website from your smartphone or tablet (or any Android powered device), your web browser will automatically begin downloading application, a process known as a "drive-by download."

Once downloaded, the device will display a notification prompting the user to click on the notification to install the downloaded app. But for the app to actually install on a device, it must have the “Unknown sources” setting enabled.

The positive side - at least for the time being - is that if  your device "unknown sources" setting is not enabled, the installation will be blocked.


Update by Lookout

An update by the security company stated that NotCompatible is a new Android trojan that appears to serve as a simple TCP relay / proxy while posing as a system update. It does not yet appear to cause any direct harm to a target device, but could potentially be used to gain illicit access to private networks by turning an infected Android device into a proxy.

This appears to be the first time that compromised websites have been used to distribute malware targeting Android devices.

As a matter of concern, a device infected with NotCompatible could potentially be used to gain access to normally protected information or systems, such as those maintained by enterprise or government. So, if you are an administrator of a network at work place, this threat could be of interest to you.


Prevention

For people with Lookout protection, you are covered. For the masses, simply block (don't enable) auto installation of app from unknown sources. Simple as that.


Reference: Lookout mobile security

4 comments:

tehr said...

terima kasih banyak, bro
maklumat yang sangat berguna

de engineur said...

@tehr. For now, pengguna2 smartphone dgn iOS belum terlibat lagi, tpi mungkin tdk lama lagi kenalah tu.

Salitype said...

This is a good information, I have an android phone and I will make sure to pay attention when I see this message.

Anonymous said...

Worthy day! I am the first on your site. Help me to give up smoking.