You know your operating system has truly arrived when it becomes the target of hackers.
We’ve already seen attempts to spread malware to Android devices via bogus apps (which is considerably easier given the open nature of distributing such apps.) We’ve also seen attempts to infect Android devices by tricking users into visiting specially crafted sites.
Now it appears the scammers are attempting to hack legitimate websites to infect visitors using an Android device, the so-called drive-by download tactic. Security firm Lookout reports sightings of a trojan dubbed NotCompatible, posing as a system update, that can be distributed via compromised sites.
The good news is that this is very much a case of principle outweighing practice and in the big picture, damage should be minimal. Firstly, the legitimate sites that have been hacked don’t appear to have a great deal of traffic.
Secondly, the trojan won’t get on all Android devices. It’s only possible where the user has enabled sideloading (that is, installing apps other than through “official” sources.) And the user will have to specifically approve the installation of the bogus app.
Finally, the trojan doesn’t seem to do all that much damage. It appears to simply turn the device into a proxy. That’s only likely to be a major problem if the device is then connected to a private network.
With all that in mind, the proportion of users who visit the infected sites and then wind up having a practical problem from the trojan is likely to be very low. That means that if the tactic is to take off, it will have to be by targeting high-traffic sites and playing the numbers game.
Still, the fact that somebody has even bother attempting the tactic suggests the darker side of the online community is giving an unwanted vote of confidence in Android’s continued success.
(Image credit: Lookout)