NotCompatible Trojan may compromise on corporate networks’ security

A new piece of malware, going by the name of NotCompatible is on the loose and may directly affect Android tablets and smartphones, along with being a potential risk hazard to corporate networks and their security. This malware has been planted on a couple of websites generating low traffic and has been used as a proxy as the device’s owner. Lookout Mobile Security CTO Kevin Mahaffey mentioned that the attacker could hook on to a business network with the affected Android device and access corporate information using Wi-Fi. What CIOs need to be vigilant about is allowing and using Android devices at the workplace. As reported, some IT companies haven’t been allowing Android devices and tablets at work, owing to the open source nature of the ecosystem that allows users to download apps and games from third party websites as well. As opposed to that, iPhones and iPads have been allowed due to the fact that software can be downloaded only via the Apple store. 

The bug

“The fact that [Android] is an open system as opposed to a closed system like the Apple Store means there are no controls on what gets installed, and this increases the risk of picking up some malware that could compromise the device,”  IT leader, Terex CIO Greg Fell said.

However, according to Mahaffey, it’s still at the nascent stage and since NotCompatible is an automated script, chances are high that the attacker is simply trolling to find vulnerabilities and loop holes, rather than attack a particular organization or business. “So far we have not seen any clear pattern as to what constitutes a site that was compromised … It seems to be scattershot,” Mahaffey said.

Also, it’s important to note that NotCompatible at the moment can only affect individuals that have the option to download software from unofficial sources, enabled on their Android smartphones and tablets. Those who haven’t are safe from this Trojan. How the infection happens is pretty simple. When a particular individual goes to an infected website, the browser automatically downloads Update.apk, which is the Android malware package. The package will start working behind the scenes when the user clicks on the install prompt it provides. The chances are slim, but the threat is very much existent.