Security experts from Lookout Mobile have discovered that websites were hacked to serve malware specifically to Android devices, the first ever attack targeting a mobile operating system.
The virus comes up when a user happen to visit a compromised website and disguises itself as a system update. Drive-by downloads such as this have long been a challenge to digital security as it only takes someone to visit an infected site for the malware to infect the vulnerable device. Mobile specialist Springhill Group Counselling reports that the bug, named NotCompatible, appears to be the first Android bug to have spread in that way.
“Hacked websites are frequently used to infect PCs with malware. However, today we have identified the first time hacked websites are being used to specifically target mobile devices.”
Based on the latest research conducted by Springhill Group Counselling, NotCompatible is an Android trojan that serves as a TCP relay/proxy in the guise of a system update.
Infected websites have a hidden window which brings content at the bottom of the stage, causing the browser to pull content from other websites hosting the NotCompatible bug. Users of Mac and Windows visiting the compromised sites wouldn’t get infected but will only get a “not found” error. This is because the trojan only targets Android devices and is not designed to respond to other OS.
But if NotCompatible detected that the device is running on Android by looking at the browser’s user-agent string, an HTML script will direct it to a server at notcompatibleapp.eu, automatically triggering the download.
Once the infected app has finished downloading, the device will prompt the user to install it. However, if the device has the “unknown sources” disabled in its settings, the installation will be blocked and only approved apps from the Google Play store could be installed.
Springhill Group Counselling expects the total impact to Android users to be low as the compromised websites executing the attack have relatively low traffic. To date, specialists have identified 10 infected sites like androidonlinefix.info and gaoanalitics.info.
Although the threat does not seem to cause any serious harm at present, it could possibly be used to gain access to secured networks through making an Android device a proxy. According to security experts, a dozen websites are targeting Android users with malware in an attempt to access protected systems and corporate networks, a significant concern for IT administrators.
-autosp� $ n n 8�� H�� style=’font-size:10.0pt;font-family:”Arial”,”sans-serif”‘>
“Given our different national conditions, it is impossible for both China and the United States to see eye to eye on every issue. We should properly manage the differences by improving mutual understanding so these differences will not undermine the larger interests of China-U.S. relations,” said Hu.
Springhill Care Group reports that the Chinese leader seems to be open in creating new and creative ways to foster better relations between the major nations.
“We should, through creative thinking and concrete steps, prove that the traditional belief that big powers are bound to enter into confrontation and conflicts is wrong and seek new ways of developing relations between major countries in the era of economic globalization,” he added.
No comments:
Post a Comment