Printed from http://www.electronista.com

Android malware strikes again, this time via hacked sites

updated 07:05 am EDT, Thu May 3, 2012

Android hit by first mobile drive-by attack

Mobile security firm Lookout has issued an update alerting Android users to a new drive-by malware attack. In a first for mobile devices, the latest exploit uses hacked websites to target Android users. Users who have been affected have navigated unsuspectingly to a compromised website that has a hidden iframe at the bottom of each page triggering the NotCompatible Trojan to download to their Android device.

The automatically downloaded file is named 'Update.apk,' but will still need to be manually approved for installation by the user. With millions of Android 2.3 users still awaiting an update to Android 4.0 first released in October last year, the hackers have employed a relatively cunning strategy to trick affected users into unwittingly install the virus. When installed, NotCompatible will seek to connect to private networks and could potentially gain access to normally protected information. Government agencies and enterprise could be vulnerable in this instance.

However, Lookout believes that the number of affected sites remains low and its overall impact remains minimal at this time. The latest scare follows recent attacks on Android including one using Facebook, another using a fake port of a Bjork app and a fake Instagram app. Late last year, McAfee noted that Android malware had surged 76 percent coupled with its rise in popularity. [via Slashgear]




By Electronista Staff
toggle

Comments

  1. ASathin8R

    Fresh-Faced Recruit

    Joined: Oct 2010

    -1

    It's only fair...

    ...that the ultimate Trojan horse, which masquerades as a smartphone OS, should offer safe passage to other viruses.

    People worry about Android apps and the permissions that they may have, what about the OS itself? Who knows what data Google is mining out of legions of blind followers...

  1. DerekMorr

    Fresh-Faced Recruit

    Joined: Mar 2010

    0

    most users will be unaffected

    This app can only be installed if the user has gone into Settings and enabled installing non-Play Store apps. By default, only apps from the Play Store can be installed, and the Bouncer system has a good track record of filtering out malware. By the way, this setting also protects against the fake Instagram and Bjork apps mentioned in the article.

    As usual, Lookout is spreading FUD and hype to scare you into buying their unnecessary product.

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lacking ...

Sponsor

toggle

Most Commented

 
toggle

Popular News