ANDROIDOS_NOTCOMPATIBLE.HRY
Android OS
Threat Type: Trojan
Destructiveness: No
Encrypted: No
In the wild: Yes
OVERVIEW
This Trojan may be unknowingly downloaded by a user while visiting malicious websites. It may be manually installed by a user.
TECHNICAL DETAILS
14032 bytes
APK
Yes
19 Mar 2013
Arrival Details
This Trojan may be unknowingly downloaded by a user while visiting malicious websites.
It may be manually installed by a user.
NOTES:
This malware is an Android Trojan that provides remote proxy service. It disguises itself as a system update. It may be used to access a private network or local area network through the infected device.
This malware may be downloaded from a malicious website. If users visit hxxp://www.{BLOCKED}a-kur-sporthotel.de/dbn/hpinbshpeblv.htm using Android devices, they will be redirected to hxxp://{BLOCKED}dcloudsecurityupdate.su/fixup.php .
Upon reaching that site, browsers may automatically download the malicious application named Update.apk. Automatic download will depend on the device’s OS version and browser. Some browsers may display a pop-up window like the one below:
After AndroidOS_NotCompatible.HRY has been downloaded, a message will then prompt users to click the notification to install the downloaded app.
However, installation will not continue if the device does not allow installations from unknown sources.This app will automatically run as a service at every system startup. It will not display any icon, hiding its presence from users.
SOLUTION
9.300
1.435.00
21 Mar 2013
Scan your computer with your Trend Micro product to delete files detected as ANDROIDOS_NOTCOMPATIBLE.HRY. If the detected files have already been cleaned, deleted, or quarantined by your Trend Micro product, no further step is required. You may opt to simply delete the quarantined files. Please check this Knowledge Base page for more information.
Did this description help? Tell us how we did.