Recently a new Trojan named “NotCompatible” spreading through Hacked websites and targeting to android devices.
This Trojan appears to serve as a simple TCP relay / proxy while posing as a system update. This threat does not currently appear to cause any direct harm to a target device, but could potentially be used to gain illicit access to private networks by turning an infected Android device into a proxy. As previously mentioned, this appears to be the first time that compromised websites have been used to distribute malware targeting Android devices.
How the attack works:-
When you browse any website using your android smartphones, then web browser will automatically begin downloading an application, Basically a hidden iframe presents at the bottom of the compromised website with “Update.apk” android app,(just make you beleive that it is a system update.)
When the suspicious application finishes downloading, the device will display a notification prompting the user to click on the notification to install the downloaded app. In order to actually install the app to a device, it must have the “Unknown sources” setting enabled (this feature is commonly referred to as “sideloading”). If the device does not have the unknown sources setting enabled, the installation will be blocked.
How to Prevent:-
The best way to prevent from these malicious apps is Unchecked Unknown Sources options from the settings. This options always help you to protect from all non-market apps.
