Just saw a thread about this on reddit. Someone was browsing his local pest control company's website on his Android device and a split second after visiting the page, a download masquerading as an official update.apk started automatically. Apparently legitimate websites are now being unwittingly infected by this malicious code. A rep from Lookout posted in the thread saying they just added the exploit ("NotCompatible") to their file system monitoring/install monitoring...but it was only added within the last couple hours so be warned that this stuff is popping up, and if you aren't using some sort of anti-virus software with download monitoring on your device, you probably should. EDIT: Lookout just added a blog post about it on their website.