New Android Malware Spreading Via Infected Websites

Symantec has observed a new Android malware threat being distributed by a handful of infected websites. Full details on this threat, detected by Symantec as Android.Notcompatible, can be found here:

When a user visits an infected site, this Trojan is automatically downloaded to their device. Unlike a traditional drive-by download, however, the user must still manually agree to install this threat. Therefore, it has been disguised as a device security update. The threat then allows its creator to reroute data traffic from an infected device to a third-party destination.

This threat highlights how mobile malware authors are moving beyond traditional “smash-and-grab” activities, such as premium SMS scams, and towards more sophisticated assaults, such as theft of sensitive information.