Android malware now spreading through hacked websites
Malware is now being targeted at Android devices via compromised websites, a first in the mobile world, according to security firm Lookout.
Android users are now facing another malware twist.
A new Android trojan dubbed "NotCompatible" is being spread through compromised websites. Though the threat seems to be minimal at this point, security provider Lookout says this is the first time hacked websites are being used to target mobile devices.
Further, Lookout believes that the new malware could be used to break into private networks via an infected Android device.
The trojan works by automatically downloading an application from a compromised site through the web browser, a process known as a "drive-by download". The mobile device then prompts the user to install the downloaded app. But for the app to actually install, the "Unknown sources" setting must be enabled on the device; otherwise, the installation is blocked.
Samples analysed by Lookout show that the malware can be used to access private networks, so IT administrators may want to be on the alert.
"A device infected with NotCompatible could potentially be used to gain access to normally protected information or systems, such as those maintained by enterprise or government," Lookout said yesterday in a blog post.
A number of websites have already been compromised, but those sites have seen little traffic so far. And since the malware requires the user to install the package, known as "Update.apk", Lookout doesn't anticipate much of an impact to Android users at this point.