While not an overly malicious virus or even particularly subtle in its approach, the latest virus for Android mobile phones is a reminder of the changing nature of active security on mobile devices.
For those not familiar with the NotCompatible virus, it’s a “drive by” virus that is installed on a device that visits compromised websites. A code on the site asks the user to “update your system,” which is actually a not-so-creative method to get the user to tap “accept” and allow the virus to install on the device. Once installed, the virus doesn’t appear to do much to the device beyond giving remote users direct access to whatever secured networks that phone or Android tablet connected to.
Even though the infection rate of this virus was low, and was pretty minor on the nefarious scale, it is an inexpensive lesson to IT managers and business owners about the threats that are showing up as a result of mobile devices hitting their networks. Businesses without some sort of MDM are completely exposed to this sort of intrusion. Specific to this instance, the only way the virus was installed was if the Android device had side loading enabled, a common toggle for those who use their phones or tablets for listening to music. If the device was monitored with an MDM solution, this setting would have been recognized and rectified before the virus had any chance to be installed.
We encourage companies to pay attention to these threats on mobile devices. They will only get more sophisticated with time.
