Technology News

latest updates from easySERVICE™

Smart Android malware campaign attacks only Android devises

Android malware

A recent spam campaign exhibits more than the usual amount of cleverness, as described by Jim Clausing at the SANS Institute.

Clausing investigated a suspicious email of a type that was spreading several weeks ago. It contained a link which, when followed on most platforms, went to a typical spam site. When followed on Android, it distributed Android malware.

I haven’t blurred out the link because, as Clausing reports, there is no longer malware there. When I test the URL from Chrome on a PC, I am redirected to a Canadian pharmacy site, a classic spam target as Clausing says. When I test it from Chrome on Android, I am redirected to the root of the domain, which says that the domain is for sale. I am not served any malware. So the malware itself has been taken down, but the OS-specific redirect (which then used a META refresh tag to serve the malware when it was still up) is still in place and the spam links still functional.

The malware itself, according to Clausing, was the latest version of “DroidNotCompatible.” Based on some Googling, this appears to be the malware usually called “NotCompatible” and which comes in a file named update.apk.

In order to run the attack, one must first enable installs from untrusted sources in Android settings and then choose to run the APK from the downloads folder. So it’s far from a true drive-by, but it’s still interesting that it downloads only on Android devices.

Source: Associated Press


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


This entry was posted on April 7, 2014 by in Malware, Operating System, Security and tagged , , .
%d bloggers like this: