Microsoft engineer discovers Android spam botnet

Summary: A Microsoft engineer has discovered and identified an Android botnet that is sending out spam on an industrial and international scale. Please only install Android apps that you trust.

Update: Google denies Android botnet claim

Microsoft engineer Terry Zink has discovered Android devices are being used to send spam. He has identified an international Android botnet and outlined the details on his MSDN blog.

Android malware is on the rise. There have been many fake versions of Android apps that try to cash in by sending expensive SMS messages. This is different.

In this case, the money is being generated by spam e-mails sent through Yahoo Mail servers from Android devices. A closer look at the e-mails' header information shows all the messages come from compromised Yahoo accounts. Furthermore, they are stamped with the "Sent from Yahoo! Mail on Android" signature.

As such, Zink believes a cybercriminal has developed a new piece of malware that can access Yahoo Mail accounts on Android devices and send spam messages from them. Since this is happening on a large scale, it follows the perpetrator has also linked the Android devices together to create a spam botnet, a technique often used when trying to monetize spam; it's all about volume, volume, volume.

Since Yahoo provides the originating IP address for the e-mails, Zink was able to figure out where the spam is being sent from: Asia, Eastern Europe, the Middle East, and South America. More specifically, the e-mails Zink got his hands on came from Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela.
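One way a mail administrator could repeat this kind of header triage on a reported message, as an added example that is not from the article or from Zink's post: it assumes the provider records the submitting client's address in an `X-Originating-IP` header or in the first `Received` hop (the article names neither header), and the sample message is constructed. The signature is ordinary body text, so the code reports it as an observation, not as proof of the sending device.

```python
import ipaddress
import re
from email import message_from_string

SIGNATURE = "Sent from Yahoo! Mail on Android"  # string quoted in the article
BRACKETED = re.compile(r"\[([0-9A-Fa-f:.]+)\]")

# Constructed sample: header names, hosts and addresses are assumptions
# (documentation ranges), not data from the article.
SAMPLE = """\
Received: from mta.example ([198.51.100.7]) by mx.example.org; Tue, 3 Jul 2012 10:00:05 -0700
Received: from [192.0.2.44] by web.mail.example via HTTP; Tue, 3 Jul 2012 10:00:00 -0700
X-Originating-IP: [192.0.2.44]
From: someone@example.com
Content-Type: text/plain; charset=us-ascii

Check this out: http://example.invalid/offer

Sent from Yahoo! Mail on Android
"""

def originating_ip(msg):
    """Return the submitting client's IP as recorded by the provider, or None."""
    candidates = list(msg.get_all("X-Originating-IP", []))
    received = msg.get_all("Received", [])
    if received:
        # Each relay prepends its Received line, so the last one is the first hop.
        candidates.append(received[-1])
    for value in candidates:
        for token in BRACKETED.findall(value):
            try:
                return str(ipaddress.ip_address(token))
            except ValueError:
                continue  # bracketed text that is not a valid address
    return None

def body_text(msg):
    """Concatenate the decoded text/plain parts of a message."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            data = part.get_payload(decode=True) or b""
            chunks.append(data.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def triage(raw):
    msg = message_from_string(raw)
    return {"originating_ip": originating_ip(msg), "android_signature": SIGNATURE in body_text(msg)}
```

Calling `triage(SAMPLE)` returns the recorded client address and whether the signature string appears in the body; grouping results by address across many reports gives the per-country view described above.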

Most of these countries are in the developing world, and so the Microsoft engineer argues that users likely tried to download pirated versions of apps to avoid paying. Alternatively, they were tricked into downloading a fake version of the Yahoo Mail app. Either way, it's unlikely they used the official Google Play store.

Android lets you download and install apps from anywhere. Please only install apps from Google Play unless you are absolutely certain you know who wrote the software you want to install. Fighting malware isn't just the responsibility of security firms: you can help by being smart about what you install.

About

Emil is a freelance journalist writing for CNET and ZDNet. Over the years, he has covered the tech industry for multiple publications, including Ars Technica, Neowin, and TechSpot.
