[WARNING] Hacked websites auto-downloading malware to Android devices

Discussion in 'Android General Discussions' started by r314bd, May 2, 2012.

  1. r314bd
    Offline

    r314bd New Member

    Joined:
    Jan 29, 2010
    Messages:
    863
    Likes Received:
    22
    Trophy Points:
    0
    Just saw a thread about this on reddit. Someone was browsing his local pest control company's website on his Android device and a split second after visiting the page, a download masquerading as an official update.apk started automatically. Apparently legitimate websites are now being unwittingly infected by this malicious code.

    A rep from Lookout posted in the thread saying they just added the exploit ("NotCompatible") to their file system monitoring/install monitoring...but it was only added within the last couple hours so be warned that this stuff is popping up, and if you aren't using some sort of anti-virus software with download monitoring on your device, you probably should.

    EDIT: Lookout just added a blog post about it on their website.
  2. jntdroid
    Offline

    jntdroid DF Super Moderator Premium Member

    Joined:
    Nov 18, 2009
    Messages:
    6,437
    Likes Received:
    292
    Trophy Points:
    83
    Location:
    TX
    thanks for sharing that!
  3. JSM9872
    Offline

    JSM9872 DF Super Moderator Staff Member Premium Member

    Joined:
    Dec 21, 2010
    Messages:
    12,936
    Likes Received:
    287
    Trophy Points:
    83
    Location:
    Somewhere In Pennsylvania...
    Thanks for the heads up SGM.
  4. CJM
    Offline

    CJM Developer Relations Staff Member Rescue Squad Premium Member

    Joined:
    Sep 12, 2010
    Messages:
    9,381
    Likes Received:
    558
    Trophy Points:
    113
    Location:
    Mississippi Gulf Coast
    Nice to know, thanks.

    Tapped from a Galaxy Nexus using Xparent ICS
  5. Adam74
    Offline

    Adam74 New Member

    Joined:
    Apr 5, 2012
    Messages:
    66
    Likes Received:
    10
    Trophy Points:
    0
    Location:
    Michigan
    I had no idea. Thank you for the heads up!!
  6. JeffDenver
    Offline

    JeffDenver New Member

    Joined:
    Apr 29, 2010
    Messages:
    924
    Likes Received:
    4
    Trophy Points:
    0
    Just an FYI...in order for this attack to work, your phone has to have "accept APKs from unknown sources" checked in your settings. This is something that is NOT checked by default, so unless you have deliberately enabled it, you are automatically immune to this attack.

    From what I understand, even then you will still be prompted to install. It won't ninja install. I don't think any APKs can do that, even official ones. You don't need any security apps like Lookout installed. You can be immune to this attack using only native tools.
  7. dolpns13
    Offline

    dolpns13 New Member

    Joined:
    May 10, 2010
    Messages:
    416
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Dirty Jersey
    Where is this option in the settings?
  8. r314bd
    Offline

    r314bd New Member

    Joined:
    Jan 29, 2010
    Messages:
    863
    Likes Received:
    22
    Trophy Points:
    0
    Settings -> Applications -> Unknown sources
  9. rherron
    Offline

    rherron New Member

    Joined:
    Jul 1, 2011
    Messages:
    295
    Likes Received:
    5
    Trophy Points:
    0
    No Amazon App Store without checking off to allow installation of non-Market applications.
Search tags for this page

anti tapping

,

apk files downloading automatically

,

automatically install apps android malware

,

hacking attack on droid razr maxx