Microsoft engineer eyeballs Android botnet

Jul 04, 2012 by Nancy Owano report
Botnet
Image credit: Security Networks

(Phys.org) -- A Microsoft engineer has spotted a botnet that targets Yahoo! Mail users on Android devices. Terry Zink, who also writes an Internet security blog, said he has evidence of a botnet running on Android devices: the devices log into Yahoo! Mail accounts and send spam e-mail messages through Yahoo! Mail servers. Zink, embarking on a tracking expedition, reported that all the messages, which came from compromised Yahoo! accounts and were sent through Yahoo! Mail servers, seemed to finish with “Sent from Yahoo! Mail on Android” signatures.

Zink was able to look up where the IPs were located: Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela.

Zink’s theory is that the users of those phones had downloaded a malicious app in order to avoid paying for a legitimate version, but they got more than they expected. “Either that or they acquired a rogue Mail app,” he said.

A botnet is a large number of compromised computers used to generate spam and spread viruses. The spam samples he examined from compromised Yahoo accounts all had the Message-ID:
Message-ID: 1341147286.19774.androidMobile@web140302.mail.bf1.yahoo.com

He also said they all had the same message at the bottom of their spam: “Sent from Yahoo! Mail on Android.”
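The two traits described above, checked over constructed sample messages (an added example, not code from the article or from Zink's post). The regular expression, the function name and the reading of the first Message-ID field as Unix epoch seconds are assumptions.

```python
import re
from datetime import datetime, timezone
from email import message_from_string

# Shape of the Message-ID quoted in the article: digits.digits.androidMobile@<host>.yahoo.com
MSGID_RE = re.compile(r"^<?(\d+)\.(\d+)\.androidMobile@([A-Za-z0-9.-]+\.yahoo\.com)>?$")
SIGNATURE = "Sent from Yahoo! Mail on Android"


def check_message(raw):
    """Report which of the two traits from the article a raw message shows."""
    msg = message_from_string(raw)
    m = MSGID_RE.match((msg.get("Message-ID") or "").strip())
    body = msg.get_payload()
    lines = [ln.strip() for ln in body.splitlines() if ln.strip()] if isinstance(body, str) else []
    result = {
        "android_msgid": m is not None,
        "android_signature": bool(lines) and lines[-1] == SIGNATURE,
        "host": m.group(3) if m else None,
        "stamp_utc": None,
    }
    if m:
        # Assumption: the first numeric field is Unix epoch seconds.
        ts = datetime.fromtimestamp(int(m.group(1)), tz=timezone.utc)
        result["stamp_utc"] = ts.isoformat()
    return result


# Constructed samples (not real mail): one with both traits, one ordinary.
SAMPLE_FLAGGED = (
    "From: user@example.com\n"
    "Subject: constructed sample\n"
    "Message-ID: 1341147286.19774.androidMobile@web140302.mail.bf1.yahoo.com\n"
    "\n"
    "Constructed body text.\n"
    "\n"
    "Sent from Yahoo! Mail on Android\n"
)
SAMPLE_PLAIN = (
    "From: user@example.com\n"
    "Message-ID: <constructed-1234@mail.example.com>\n"
    "\n"
    "Hello, see you tomorrow.\n"
)

if __name__ == "__main__":
    for name, raw in (("flagged", SAMPLE_FLAGGED), ("plain", SAMPLE_PLAIN)):
        print(name, check_message(raw))
```

Read as epoch seconds, the first field of the quoted Message-ID falls three days before the article's date.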

Android malware is a well-known fact of digital life, and last year security firms like McAfee spoke about sharp rises in Android malware. One reason given for Android’s vulnerability is that the platform, like Windows, simply provides a big marketplace and in turn serves as a big target for intruders. Like other security bloggers, who advise users to stick to trusted application stores and avoid unknown sources for apps, Zink said, “Your odds of downloading and installing a malicious Android app is pretty low if you get it from the Android Marketplace. But if you get it from some guy in a back alley on the Internet, the odds go way up.”

Those minimizing the July 3 posting perhaps would not want to recall the news release one day earlier, on July 2, where Trend Micro said Android malware levels were rising at an alarming rate. In the first three months of the year, the team identified 5,000 malicious applications designed to infect Android phones, a number which spiked more than fourfold over subsequent months. “Consumers need to use care when downloading and installing apps and should be considering installing antimalware on their mobile devices,” said the release.

Last month, the Defense Advanced Research Projects Agency (DARPA) awarded a $21.4 million contract to security firm Invincea to build secure Android devices for the U.S. Army. The contract focuses on protecting the devices against cyber-threats.


More information: blogs.msdn.com/b/tzink/archive/2012/07/03/spam-from-an-android-botnet.aspx


User comments : 2


frajo
3 / 5 (2) Jul 05, 2012
Funny.
For 20 years no article about malware dared mention the Windows OS needed for that classic malware. Now the first Android malware is in the wild and is pronto mentioned in the press which is lucky to cite from msdn.com, a truly independent site.

No, thanks.
Nattydread
not rated yet Jul 05, 2012
Funny indeed that Microsoft points it out! Oh the irony!
