Click to Skip Ad
Closing in...

Complex Android malware believed to have infected up to 4.5M smartphones in the U.S.

Published Nov 21st, 2014 6:50AM EST
Android Malware: NotCompatible
Image: The Miller Group

If you buy through a BGR link, we may earn an affiliate commission, helping support our expert product labs.

As many as 4.5 million American Android smartphone users may have been fooled into somehow downloading a complex malicious program on their devices since January 2013, The New Yok Times reports, citing security company Lookout.

FROM EARLIER: FTC cracks down on massive ‘PC cleaner’ security scam

Called “NotCompatible,” the malware has reached its third version, which is even more sophisticated than predecessors — Lookout said about it that it “has set a new bar for mobile malware sophistication and operational complexity.”

In order to ultimately infect smartphones, hackers have used various techniques, such as infecting legitimate sites with malicious code that’s automatically downloaded when a user visits that site from an Android phone, or by sending spam messages that offer fake security patches or weight loss solutions.

Spam messages helped NotCompatible infect more than 20,000 devices a day, Lookout says, without specifying how long this particular method has been used for.

It’s not clear what the malware is supposed to do, though it doesn’t appear to directly target the user. Instead, it appears the hackers simply wanted to infect a massive number of devices and turn them into a botnet, which can then be used for various malicious purposes.

Hackers rented the botnet to spammers, or people who used it to buy ticket for events in bulk from various sites, or target WordPress accounts in order to crack them.

A user with an infected device might notice increased battery life consumption and/or higher-than-usual data consumption, without realizing what’s actually happening.

Lookout revealed that the malware lets infected devices search and communicate with other machines, and hackers have found a way to encrypt communications between the command and control center and infected devices, making them more difficult to analyze. The security company says that its security tool can identify NotCompatible and prevent it from infecting Android devices.

Even though Google confirmed some of its Android users have malware problems — a small percentage of the total number of active users, but still a significant number — most Android users know how to protect themselves against such attacks, and often dismiss malware reports as inaccurate. Simple steps such as avoiding downloads from untrusted sites, especially apps from third-parties and unofficial stores, are enough to significantly minimize malware threats.

Chris Smith Senior Writer

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he brings his entertainment expertise to Marvel’s Cinematic Universe and other blockbuster franchises.

Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.