Android Malware and More Corporate Concerns

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
May 25, 2012

More malware trouble ahead as the latest malware terrorizing the technology market is found to be clinging onto hacked websites in order to target mobile devices. As if android spy apps were not enough, this is another eye opening threat. Never before have websites been used to target mobile devices. The malware, Notcompatible, is a Trojan that goes specifically after Android smartphones and tablets. Trouble for android security is nothing new, people have been wondering how to deal with spy apps for Android and other Android spyware for a while now.

This Trojan software appears a TCP relay/proxy while disguising itself as a system update. No direct harm seems to be met with to the targeted device. However, what can be done is that access to private networks can be gained by turning an infected Android into a proxy server. Though the security threat from this bug seems to be at a minimum at the moment, corporate concerns still run high since corporate networks still have much to lose from such an attack. Much like the working of a spy app for Android spy software no less.

How NotCompatible Works

The actual spread of the malware depends firstly on the status of the compromised websites and whether they have a hidden iframe. When users visit these particular websites from their Android phones, the mobile browser will begin to download the NotCompatible app disguised under the app name ‘Update.apk’. Since all drive- by downloads need to first be installed before the apps can run, unless users instantly start installing the app, researchers say it is relatively at a low threat. Though there are already a number of sites infected the number of users for these sites are still limited.

If we consider the NotCompatible Trojan in itself it seems that it’s a low risk threat. But it is also a prototype for more advanced sorts of malware to come. Though this bug is obviously well designed its purpose is not so hidden. What this means then is that an Android infected with NotCompatible has potential to be used to gain access into protected information systems of companies or governments.

Corporations Feel Threatened

According to LookOut Security, a San Fransisco bases security firm, NotCompatible is a threat for organizations and corporate networks. The Android Trojan is known to have objectives of general online fraudulency and to gain access to private information. By turning Androids into proxy, hackers can directly move data packets.  LookOut users can overcome this threat through the File System Monitoring and Install Monitoring features. But what the concern in the amount of confusion this can spread. If Android devices are the infected sources of malware than hackers have found a wonderful cover for the illicit data flow, with companies being unable to track the actual source from the chain of malware infections.

In such cases where we see how clearly malware is advancing, and that too at an alarming level, it is quite fair for corporate networks to feel threatened. Before this, most Android malware was directed at social purposes and the individuals complaining of it were complaining on the social front, as do most people who are targets of Android spy apps and the like. This time however, the Android malware has graduated onto a higher playground. The fact that malware developers are breaking onto the legitimate website front is evidence of this enough.

You may also like...

  • Malware on Android devices is a real and growing threat, and one that is only likely to worsen. I hope this problem will be resolved soon.