Android smartphone and tablet users must be aware of a Trojan horse spreading under the hood. Coined as "NotCompatible", a new malware is spreading itself through hacked web sites, targeting Android users, along with being a threat to corporate networks and their security.

NotCompatible was first discovered by a Reddit user Georgiabiker while he was surfing his company's Web site. Analysts at Lookout Mobile Security claim that the Trojan is of no particular harm to Android smartphones and tablet, but it can gain access to private network through Wi-Fi network by turning android device into a proxy server.

The mechanism behind the infection is simple. When an Android user navigates to infected website, the malware initiates app download. Android system notifies the user about the "Update.apk" package installation, which looks like a system update. Like any drive-by-download, the user who installs the application gets infected.

It is the first time when a website-distributive malware targeting Android devices has been discovered. The malware has hijacked multiple websites. According to Lookout Mobile Security, the infected web sites contain the following code at the end of each page:

However, there is no serious reason to start panicking now. The malware has breached security on low-traffic websites only. Also, the hack works only when you have enabled sideloading. It is strongly recommended to block app installation from non-market stores (other than Play Store). On an ICS-enabled Android device, uncheck the "Unknown Sources" option found in Settings -> Security -> Device Administration.

Also, it is unclear whether the malware causes any long-term effect on your phone or can act as a Trojan Horse for something more dangerous. However, folks at Lookout claim that the only thing that happens to infected device could be used as proxy by hackers.

(reported by Johnny Wills, edited by Dave Clark)

© Copyright 2024 Mobile & Apps, All rights reserved. Do not reproduce without permission.