Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Android Trojan Mimics PC Drive-by Malware Attack


  • Please log in to reply
No replies to this topic

#1 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:04:57 PM

Posted 14 May 2012 - 06:32 AM

Android Trojan Mimics PC Drive-by Malware Attack | PCWorld

.........Discovered by security company Lookout Mobile Security on a number of webistes, the decidedly odd "NotCompatible" Trojan is distributed using a web page containing a hidden iFrame......

.........This isn't quite a PC drive-by attack because the user still needs to install the app, at which point it relies on the user having ticked the "Unknown Sources" box (in most cases this box would be unticked) that allows non-market apps to be installed.............

The NoScript browser addon will protect you in the same way on your Android smartphone as it does on your PC.
From NoScript site:

# IFRAMEs embedded in untrusted pages are always blocked, unless they load content from the same site as their parent
# IFRAMEs embedded in trusted pages are blocked if they try to load content from untrusted sites
# If NoScript Options|Embeddings|Apply these restrictions to trusted sites too is checked, no IFRAME can be loaded unless it loads content from the same site as its parent

* You may ask, what if site I really trust gets compromised? Will I get infected as well because I've got it in my whitelist, ...?
No, you won't, most probably. When a respectable site gets compromised, 99.9% of the times malicious scripts are still hosted on a different domain which is likely not in your whitelist, and gets just included by the pages you trust. Since NoScript blocks 3rd party scripts which have not been explicitly whitelisted themselves, you're still safe, with the additional benefit of an early warning
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users