My Advice to You: Get a New Handset OS. Or Start Drinking Heavily.
Recently, Emil with the Zero Day Team at ZDNet reported a new Trojan for Android, NotCompatible, was found posted on a hacked website. We knew this was coming, and are surprised it has taken this long to materialize.
The link back to ZDNet is here:
http://zd.net/mobilemalwareiscoming
We have posted on this coming development over a year ago, here and recently, here. This is coming in a big way due to several important realities in the current mobile landscape:
-
- Android is a fragmented, almost handset-proprietary OS. It is not likely to be updated often enough because it offers little impetus for a user to upgrade their handset. When OEMs have an incentive to not upgrade their OS because it is better for unit sales, that spells trouble.
-
- Android can be set to accept sideloaded apps, apps which are able to be installed outside Google Play or other more stringently monitored sites.
-
- Most of the folks who have an Android handset likely don’t even know they have Android. While some are power users, there are far more users who don’t have a clue.
From the last line of the article in the linkback:
Personally, I think cyber criminals are testing to see how easy it would be to infect thousands if not millions of Android devices. Imagine the recently discovered fake Android apps (see links below) coupled with this drive-by download example. This could get ugly.
Yes, ugly indeed.
Below are the links referred to in the article that relate to recently discovered Android malware.
