Infected websites distribute NotCompatible trojan to Android devices
New malware targeting Android devices has been discovered today; it is downloaded automatically from infected websites. The websites are usually trusted and legitimate, but due to security flaws hackers manage to introduce a piece of code into their source that automatically downloads a malware application onto any Android device that visits them.
The trojan has been called NotCompatible, and it doesn’t trigger if the visitor uses anything other than the Android platform, according to the Lookout blog. Fortunately, you won’t get infected right after the application is downloaded, because it has to be installed manually in order to work, so make sure you only install apps you trust and never install one that you did not download yourself.
After the trojan is downloaded, a notification will show up telling you to install it. If you ignore it or have “unknown sources” disabled, then you are safe, because it can’t do anything if it is not installed. We really recommend that you keep the “unknown sources” setting disabled for your safety, because with this option disabled your device only allows apps downloaded from Google Play to be installed.
The NotCompatible trojan file is called update.apk, but the attackers can rename it however they want, so you shouldn’t rely on the file name for your safety.
Currently no direct threat to the device has been discovered, and the trojan is probably used just as a proxy, in order to infect or gain access to more devices or computers. If you take a look at the app’s permissions, you will see that it has full internet access, which may incur data charges for you.
At the moment we don’t know how many sites might be infected with the malware, but there are many vulnerable websites and thousands get infected with trojans daily. If you care about security you have to take care, because nothing can protect you better than yourself.