A malware threat has been found to now hijack more than 4 million Android phones which makes these devices send spam emails, get users to buy tickets for events in bulk and also cracks passwords on WordPress. The threat was first found in 2012. In its latest invasion, this threat has begun to put at risk networks which are used by various enterprises. Lookout which is a mobile security firm reported that this threat which is known as ‘NotCompatible’ was first found in 2012. Initially, the malware was found in a disguised form as a system update and once downloaded; it had the ability of turning the infected device into a proxy controlled by the attacker. A senior product manager working at the company also had stated back in 2012 that sophisticated threats were found to have increased over the years and it was for the first time that malware writers had begun to target mobiles through the internet by making use of websites which were compromised and/or infected by the NotCompatible threat.
It has been since that the company has been tracking the progress and works of this threat and has found a new version of it to have emerged which is known as the NotComptabileC. Why this is considered to be a much worse threat then its previous version is because of its ability to infiltrate the enterprise networks through infected devices.
While the newer version is a bot-net for rent, the server architecture for this version along with its encryption and its peer to peer communications make it to be an even greater threat. This version is likely to be more difficult for various security systems to be able to block because its initial detection would be difficult to begin with.
This version infects the devices by spam emails and through websites which have been compromised. The threat and malware is dependent upon the gullibility of the Android device user. The malware includes a link in the application package for android for weight loss solutions for e.g. in an email with the hopes that the user will click on it.
Once a phone gets infected, it can be costly to be fixed by the owner. Furthermore, it also drains out the battery and makes use of the data which isn’t part of the data plan being used by the user. Thus, in order to combat this malware threat, security companies are providing 2 strategies which consist of making use of an advanced platform which can be used in detecting the threat on the device along with segmenting networks which can limit the reach of the device if it does get infected. The mobile app by the company Lookout is one such app which can defend android devices from becoming infected by this newer threat.
Lookout’s report has further details regarding this malware threat and it is one of its kind and brings users of android devices to notice it. An online security company by the name of F-Secure has stated that out of the malware threats found in the first quarter of 2014, 99% of them have been aimed for android devices. Another mobile company by the name of Cheetah which makes mobile apps for the purpose of cleaning, optimizing and protecting phones also reported that out of all the apps for android, 9% of them were either partially or fully malware.