News has emerged from mobile security firm Lookout that a bug called NotCompatible, was the most sophisticated Android bug it had seen. The hackers behind the malware had recently rewritten its core code in order to make it more difficult to defeat. Mobile malware that is specifically aimed at Smartphones is surely getting more and more complex. A security analyst at Lookout, Jeremy Linden said, ‘The group behind NotCompatible are operating on a different plane to the typical mobile malware maker.’ He said, mobile malware campaigns usually lasted only a couple of weeks but the NotCompatible creators had been operating for more than 48 months.
The bug first hit the open back in 2012, only now it is on its third iteration. Linden added that the latest version had been rewritten recently and was now as sophisticated as the type of malware that is usually aimed at desktop computers. The latest version employed ‘end-to-end encryption, peer-to-peer networking technologies and stealth operating procedures to help it avoid being spotted and removed’ he said.
Linden continued, ‘They are successful enough to make it worth ripping out the back end of the malware to make it be much more stable and resistant to efforts to take it down…This is the most technically sophisticated threat we are facing and it’s the most worrying to us.’ said Mr Linden.
Linden said phones that were compromised had been used in numerous scams including sending spam, attacking WordPress blogs and buying tickets for popular events in bulk, so that they then could be resold at a massively significant profits.
The spread of NotCompatible is quite prolific; it occurs via spam and websites that are seeded with booby-trapped downloads. Android users are to be wary of any application that requires a security update to be installed before the app can be run.
[Image via matemedia]