Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Mobile Tech / Evidence of Android Botnet Found
Some Android Phones Found Spewing Malicious Spam
Some Android Phones Found Spewing Malicious Spam
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
If you have an Android device, watch out. You may be part of a mobile botnet. A Microsoft researcher is warning that hackers may have hijacked some Android phones to send spam e-mails.

Microsoft researcher Terry Zink pointed to trails of spam being sent by Android devices from Yahoo mail servers. It would not be the first time in recent months that Android was hit with malware issues. But the new revelation marks a new strategy.

"I've written in the past that Android has the most malware compared to other smartphone platforms, but your odds of downloading and installing a malicious Android app is pretty low if you get it from the Android Marketplace," Zink wrote in a blog post. "But if you get it from some guy in a back alley on the Internet, the odds go way up."

Downloading Rogue Apps

Zink has also written that users in the developed world usually have better security practices and fewer malware infections than users in the developing world. Most of the countries to which Zink tracked the Yahoo IP addresses were in the developing world -- Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine and Venezuela.

"I am betting that the users of those phones downloaded some malicious Android app in order to avoid paying for a legitimate version and they got more than they bargained for. Either that or they acquired a rogue Yahoo Mail app," Zink said.

"This ups the ante for spam filters. If people download malicious apps onto their phone that capture keystrokes for their e-mail software, it makes it way easier for spammers to send abusive mail. This is the next evolution in the cat-and-mouse game that is e-mail security."

Exercising Caution

Neil Roiter, research director at Corero Network Security, said the fact that we are seeing spam from a botnet of hijacked Android phones for the first time highlights the risk of downloading applications from unauthorized sites rather than the official Android market, Google Play, or Amazon's Appstore for Android. PC-based botnets are major cyber crime weapons.

But, he told us, this development raises new concerns about mobile device security and associated cyber attacks.

"Google is making efforts to keep rogue applications from the Android market," Roiter said. "However, it stands to reason that Google cannot protect users who opt to download applications from non-sanctioned sites."

What types of messages are the botnets sending? According to SophosLabs, the malware ads are for medications for weight loss, diabetes, pain, and Viagra. Some of the mail contains images.

Sophos' Chester Wisniewki said it is likely that Android users are downloading Trojanized pirated copies of paid Android applications.

"The widespread nature of source devices is unusual as most Android malware is not downloaded from Google Play, but localized 'off market' download sites," he wrote in the Sophos blog.

"Android users should exercise caution when downloading applications for their devices and definitely avoid downloading pirated programs from unofficial sources. Google, Amazon and others may not be perfect at keeping malware off of their stores, but the risk increases dramatically outside of their ecosystems."

Read more on: Android, Microsoft, Malware, Botnet
Tell Us What You Think


Like Us on FacebookFollow Us on Twitter
© Copyright 2016 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.