Android malware now spreading through hacked Web sites
Malware is now being targeted to Android devices via compromised Web sites, a first in the mobile world, says security firm Lookout.
Android users are now facing another malware twist.
A new Android Trojan dubbed "NotCompatible" is being spread through compromised Web sites. Though the threat seems to be minimal at this point, security provider Lookout says this is the first time hacked Web sites are being used to target mobile devices.
Further, Lookout believes the new malware could be used to break into private networks via an infected Android device.
The Trojan works by automatically downloading an application from a compromised site through the Web browser, a process known as a "drive-by download." The mobile device then prompts the user to install the downloaded app. But for the app to actually install, the "Unknown sources" setting must be enabled on the device; otherwise the installation is blocked.
Samples analyzed by Lookout show that the malware can be used to access private networks, so IT administrators may want to be on the alert.
"A device infected with NotCompatible could potentially be used to gain access to normally protected information or systems, such as those maintained by enterprise or government," Lookout said yesterday in a blog post.
A number of Web sites have already been compromised, but those sites have seen little traffic so far. And since the malware requires the user to install the package, known as "Update.apk," Lookout doesn't anticipate much of an impact to Android users at this point.