Researcher demos SMS-based smartphone botnet

Summary: ShmooCon 2011: A security researcher has demonstrated an Android-based, SMS-driven smartphone botnet.


A security researcher has demonstrated an Android-based, SMS-driven smartphone botnet. Presented at this year's ShmooCon conference, the proof of concept shows multiple phones accepting commands from a central location, given knowledge of the command interface.

"A botnet control scenario is presented in which smartphone bots receive instructions through SMS that are processed by a proxy between the GSM modem and the application layer, making the botnet messages transparent to the user. An Android version of the bot will be shown in action, and proof of concept code will be released for multiple platforms."

Once a simple SMS message is sent to the already infected smartphones, the actions they execute in response can be tailored to the needs of a malicious attacker looking to create a mobile phone-based botnet for literally any kind of malicious purpose. (Here's a video of the demonstration).

Last week, researchers from Indiana University and the City University of Hong Kong released another Android-based proof-of-concept malware, this time attempting to "hear" credit card numbers. Soundminer, a context-aware piece of malware, is the very latest indication that the academic community wants to stay a step ahead of the cybercriminals themselves.

What's the future of mobile malware and smartphone botnets? Sadly, the future looks bright. From social engineering-driven malware infections on Android devices to efficiency-driven models that are flawed from a security perspective, malicious attackers remain perfectly positioned to capitalize on these exploitation vectors unless average and enterprise users become aware of them.

Dancho Danchev

About Dancho Danchev

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.

  • RE: Researcher demos SMS-based smartphone botnet

    To install a malware you have to:

    1. Avoid the Android Market.
    2. Enable sideloading apps
    3. Ignore the permissions warning screens
    4. Install the app.

    I really don't see that happening. Plus, Google has a remote kill switch on all android apps out there.
    • Using the Android Market helps little

      @tatiGmail

      The time to placement to availability is almost 0. There is a reason Google has had to use the remote delete button multiple times.
    • RE: Researcher demos SMS-based smartphone botnet

      @tatiGmail: So you are saying that you can't get bad apps from the Android market? LOL! You can get bad apps from the Apple App Store, you for sure can get bad apps (As it's been shown) from the market.

      On top of that for real who reads the permission warnings? I mean that is like saying that people pay attention to the pop up warnings on Macs or Windows. Esp on Windows they pop up so much that people just install and don't read.

      And remote kill switch, after your personal data is stolen. Wow, that really helps.
  • wow! this is BAD. I hope nobody is

    staking their reputation on this being the most secure os in the world!!!
    Ron Bergundy
    • Instructions for installing Linux Malware.

      @Ron Bergundy

      evilmalware 0.6 (beta)

      Copyright 2000, 2001, 2003, 2005 E\/17 |-|4><0|2z Software Foundation, Inc.

      This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY, COMPLETE DESTRUCTION OF IMPORTANT DATA or FITNESS FOR A PARTICULAR PURPOSE (eg. sending thousands of Viagra spams to people across the world).

      Basic Installation

      Before attempting to compile this virus make sure you have the correct version of glibc installed, and that your firewall rules are set to allow everything.

      Put the attachment into the appropriate directory eg. /usr/src.
      Type tar xvzf evilmalware.tar.gz to extract the source files for this virus.
      cd to the directory containing the virus' source code and type ./configure to configure the virus for your system. If you're using csh on an old version of System V, you might need to type sh ./configure instead to prevent csh from trying to execute configure itself.
      Type make to compile the package. You may need to be logged in as root to do this.
      Optionally, type make check_payable to run any self-tests that come with the virus, and send a large donation to an unnumbered Swiss bank account.
      Type make install to install the virus and any spyware, trojans, pornography, xxxxx enlargement adverts and DDoS attacks that come with it.
      You may now configure your preferred malware behaviour in /etc/evilmalware.conf.

      *****

      ...Reminds me of the Evolution of Linux so much, especially the black MS Porsche: ;)
  • AnDUD os is poorly written,

    poorly maintained, poorly secured OS. Only thing worse is Windows.
    • Maybe MS will decide to go Open Source? :)


      It can't be that bad.

      "The unveiling of the Android distribution on 5 November 2007 was announced with the founding of the Open Handset Alliance, a consortium of 79 hardware, software, and telecom companies devoted to advancing open standards for mobile devices. Google released most of the Android code under the Apache License, a free software and open source license.
      The Android operating system software stack consists of Java applications running on a Java-based, object-oriented application framework on top of Java core libraries running on a Dalvik virtual machine featuring JIT compilation. Libraries written in C include the surface manager, OpenCore media framework, SQLite relational database management system, OpenGL ES 2.0 3D graphics API, WebKit layout engine, SGL graphics engine, SSL, and Bionic libc. The Android operating system consists of 12 million lines of code including 3 million lines of XML, 2.8 million lines of C, 2.1 million lines of Java, and 1.75 million lines of C++."
  • RE: Researcher demos SMS-based smartphone botnet

    Can't wait to see what malware the black-hats cook up for WP7.
    Alan Smithie