A newly discovered variant of NotCompatible is establishing what has been called the most advanced mobile botnet yet created.
Security researchers at Lookout warn that the latest version of the Android malware is capable of infiltrating secure enterprise networks via compromised devices. NotCompatible uses a peer-to-peer control technique normally associated with only the most advanced Windows PC zombie networks. This makes the mobile malware both stealthier and harder to take down.
Lookout has observed the botnet being used for activities as diverse as fraudulent ticket purchases, spam, click fraud, and brute forcing passwords. Kevin Mahaffey, Lookout CTO, told El Reg that access the botnet is been rented out as a resource to various cybercrooks.
NotCompatible, an Android threat disguised as a system update, was first detected by Lookout in 2012. The latest variant, NotCompatible-C, is the third and most sophisticated variant to date.
Various generations of NotCompatible has infected hundreds of thousands of mobile devices, according to Lookout. Cybercrooks behind NotCompatible-C have built up their population of infected devices on the back of massive spam campaigns
A write-up of the threat can be found in a blog post by Lookout here. ®