Google’s Android has been doing very well lately, with competition phone manufacturers claiming Apple iPhone’s leader in the field. With Android close to gaining over iOS, there’s one aspect that might ruin months of work. Experts say that recent Android malware is a risk for corporate networks.
Wall Street Journal writes that “for the first time, malware is exploiting hacked Web sites as part of a scheme to target mobile devices”. The Trojan is hidden under a NotCompatible safe software error and it was designed to particularly affect Android based gadgets. At the same time, the Android malware seems to be used to hid online frauds.
Kevin Mahaffrey is co-founder and CTO of a San Francisco based firm called Lookout Security. The main focus of the company is Android and during their investigations it was found there was a new malware out there. Called “NotCompatible” the Android malware is, according to Mahaffrey, a risk to corporate networks.
“One is general online fraud, the other is targeted attacks against enterprises” said Mahaffrey during an interview about the objectives of the Android Trojan. The risk for corporate networks’ infection is however minor at this point, but Lookout Security analysts “have confirmed that it is engaged in online purchasing activity”.
Mahaffrey explained that the NotCompatible Android malware infects the devices and converts them into proxy, thus allowing hackers to move the data packets directly. Basically, through converting Android based devices into gateways for malware, hackers are in fact trying to mask the illicit traffic by throwing the blame at the smartphone or tablet, rather than the actual culprit.
It wasn’t until recently, says Mahaffrey, that hackers got bold and used actual and legitimate websites for their Android malware infection. TicketMaster was among the websites used by hackers to expand their network of infected Android gadgets. “This is the first time that [attackers] have used legitimate websites to serve Android malware” said Mahaffrey, confessing that it was this detail that caught their eye. “We see Android malware all the time, but it’s usually served using social engineering” added Mahaffrey.
As a final argument, Mahaffrey pointed out that the present day Android malware infection is proof that “mobile malware is exiting the test stage”.