Symantec has observed a new Android malware threat.
Detected by Symantec as Android.Notcompatible, the Android malware threat is currently being spread by a handful of infected websites. When a user visits a tainted website, the Trojan is automatically downloaded to his/her device. Instead of downloading automatically like the usual drive-by download, the user must manually agree to install this threat.
Hence, the user is "conned" into believing that this is just another device security update. The threat then allows its creator to re-route data traffic from an infected device to a third-party destination. This threat highlights how mobile malware authors are moving beyond traditional “smash-and-grab” activities, such as premium SMS scams, and towards more sophisticated assaults, such as theft of sensitive information.
Read the Symantec blog for more information.