We typically look to PCs and Macs when it comes to virus and trojan attacks originating from websites, however, mobile security firm, Lookout, claims to have spotted a webborne trojan, duly titled 'Notcompatible' which specifically targets Android handsets.
The trojan exists on infected websites as a hidden iframe at the bottom of each page, causing the device to automatically begin downloading the file 'Update.apk', an Android application file.
Lookout states that the trojan does not cause any direct harm or expose data on the device itself, which is likely protected through application sandboxing, however can be used as a TCP relay to bypass the firewall of whatever network the device is on. It's worth noting that this isn't a huge issue for many corporations or government institutions, as user WiFi devices are typically isolated or heavily fire-walled from the corporate network themselves and so, most at risk, in theory, are home users.
We wonder how and if Google will respond to the report and what measures may be taken by operators worldwide to bolster security on Android devices.