Search Engine

Thursday, May 3, 2012

Hacked websites with malware target Android devices

A new batch of hacked websites pose a new threat to mobile devices running Google's Android operating system, a computer security firm warned.
Lookout said the sites serve "NotCompatible," a new Android Trojan that appears to serve as a simple TCP relay and proxy while posing as a system update.
"This threat does not currently appear to cause any direct harm to a target device, but could potentially be used to gain illicit access to private networks by turning an infected Android device into a proxy," it said.
Potentially, it said an infected Android device may be used to gain access to normally protected information or systems, "such as those maintained by enterprise or government."
Also, it pointed out this appeared to be the first time that compromised websites have been used to distribute malware targeting Android devices.
Lookout said that if a user visits a compromised website from an Android device, the mobile web browser will automatically begin downloading the NotCompatible app named "Update.apk."
But a user will still need to install the downloaded application before a device will be infected.
To actually install the app to a device, it must have the “Unknown sources” setting enabled. If the setting is not enabled, the installation will be blocked.
"Based on our initial investigation, we’ve confirmed that a number of websites have been compromised. However, affected sites appear to show relatively low traffic and we expect total impact to Android users to be low," it added.
Lookout said suspicious applications are currently served from the following sites:


Post a Comment