New server attacks mobile devices only
PC viruses and attacks may run rampant, but mobile threats tend to be rarer. We do hear of them though, and F-Secure reports an interesting new discovery.
The company confirms findings from one of its researchers that an existing server in the wild is designed to ignore computers, and go directly after your smartphone or tablet. The company claims, "we've discovered a server that only attacks and/or spams smartphones and tablets -- and not PCs".
The first known site for contamination is a travel blog going by the name Vagabond. From a Windows-based browser, the link redirects to a site called islasgalapagos.travel. Mobile browsers are redirected to a .info domain which, in turn, will redirect users once again.
The redirections can lead almost anywhere, from a game on Google Play to a porn site. Sometimes this simply leads to malware -- it's a roll of the dice. The threat is a variant of FakeInstaller: Trojan:Android/FakeInst.AV.
Naturally, F-Secure points out that its Mobile Security Safe Browser blocks the offending website. The security firm also says "visiting the .info site without the attack's parameter will result in a redirection to google.com. A site with an index page that redirects to google.com? Always a clue something's afoot".
Between this and yesterday's news of 40 new Java exploits, it seems there is no platform that can be truly trusted, and you really do need to be careful out there.