Researchers build 8,000-strong smartphone botnet

Summary:Security researchers used the lure of an innocuous weather application to commandeer about 8,000 iPhones and Android devices in a mobile botnet.

Looking to raise awareness about the security implications of third-party apps in smartphones, a pair of security researchers used the lure of an innocuous weather application to commandeer about 8,000 iPhones and Android devices in a mobile botnet.

The research project, first discussed by Dark Reading's Kelly Jackson Higgins, was unveiled at this year's RSA conference to show how harmless-looking smartphone apps can harvest sensitive user information, including GPS coordinates and phone numbers.

The project is the brainchild of Derek Brown and Daniel Tijerina of with TippingPoint's Digital Vaccine Group.  According to the report, the experimental app links to the Weather Underground Website and provides local and other weather forecast information to its users.

follow Ryan Naraine on twitter

It was created and submitted it to app clearinghouses that offer apps for Androids and jailbroken iPhones.

It should be made clear that only jailbroken iPhones were caught in the proof-of-concept botnet.  The researchers said they avoided Apple's iPhone app store because of Apple's strict security process, which includes code signing.

From the Dark Reading article:

Within an hour of the app being set up on the SlideME and ModMyI app sites, the researchers had 126 downloads, and 702 after eight hours. "After 24 hours, we had 1,862," Tijerina says. And as of yesterday, the count was 7,800 iPhones and Androids running the app. "This was really surprising because if this was malicious code, that's a lot of bots we would control," he adds.

To prove the dangers of the mobile botnet, the report said the pair also wrote a malicious version of the weather app that runs bot code and can grab contact information, cookies, and physical addresses, and can send spam runs.

The researchers say they have no plans to release the malicious application.

Topics: Hardware, iPhone, Mobility, Smartphones, Developer


Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues. He is currently security evangelist at Kaspersky Lab, an anti-malware company with operations around the globe. He is taking a leadership role in developing the company's online community initiative around secure content managem... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.