Freebie tricksters unleash spam botnet using Android phones

Dec 20, 2012 by Nancy Owano report

(—Cloudmark, a San Francisco based messaging security company, posted a notice on Sunday that an Android trojan is being used to create simple havoc, aka an SMS spam botnet. Cyber-thieves dangling the lure of free access to popular games such as Angry Birds Space and Need for Speed Most Wanted are staging attacks for the purpose of turning victims' Android phones into spam-sending monsters. Smartphone security company, Lookout, also based in San Francisco, is referring to the spammer botnet as SpamSoldier. The company also warned that it is spread through SMS messages that advertise free versions of paid games.

Once the user clicks on a link from one of these SMS messages, an application is downloaded that claims to install the game. The user unwittingly activates the SpamSoldier trojan.

This is a mobile created to infect phones so as to spread spam. In this instance, the spam-forwarding trigger is lurking behind the lure of free versions of popular games. The app contacts a web server for a list of phone numbers and can then start sending a flood of text messages. In addition to the game lure, security watchers say infected-phone messages also try to rope in victims by telling them they won a .

Users falling for the scam download apps from a server. They are told to grant the app permission to install and give it the ability to browse the web and send texts. While this should raise suspicions as trouble-bound directives, some users are not phased, said Andrew Conway of Cloudmark: "Not many people read the fine print when installing Android applications."

Once installed, that trojan will begin connections to the command and control server. The "zombie" waits 1.3 seconds after sending each message, and checks with the C&C server every 65 seconds for more numbers. Lookout, meanwhile, has noticed instances of the SpamSoldier on all the major carrier networks in the U.S., and warns that affected users may experience lower speeds along with higher bills. The single infection vector appears to be spam SMS messages. According to Lookout, it has not yet detected SpamSoldier on any major app stores.

Given the large amounts of SMS messages sent, this may not only add up to user costs but also slowdowns, according to Lookout's Derek Halliday. Similarly, Cloudmark's Conway said, "You better have an unlimited message plan or your phone bill may come as a bit of a shock."

The obvious admonishment would be not to download anything from unfamiliar sites. In a Tuesday update, Conway had this additional advice to offer: "So, if you do get SMS spam, don't bother replying STOP to the sender, just forward that message to 7726." The 7726 is SPAM on the keypad and hitting 7726 is designed to stop by reporting it to the phone user's carrier. Cloudmark is continuing to monitor this attack, according to Conway.

Explore further: Net neutrality balancing act

More information:

Related Stories

Text spam messages on the rise

Oct 12, 2012

Lesley-Ann Thompson's cell phone buzzed the other week with a text message telling her she had won a $1,000 gift card from Best Buy.

Researchers ID 'smishing' vulnerability in Android

Nov 05, 2012

(—Mobile security researchers have identified a new vulnerability in popular Android platforms, including Gingerbread, Ice Cream Sandwich and Jelly Bean. The vulnerability has been confirmed by ...

Microsoft engineer eyeballs Android botnet

Jul 04, 2012

( -- A Microsoft engineer has spotted a botnet that targets Yahoo! Mail users using Android devices. Terry Zink , who also writes an Internet security blog, said he has evidence of a botnet running ...

Recommended for you

Facebook rolls out location-sharing feature

9 minutes ago

Facebook users in the U.S. will soon be able to see which of their friends are in close proximity using a new feature the company is launching on Thursday.

Net neutrality balancing act

4 hours ago

Researchers in Italy, writing in the International Journal of Technology, Policy and Management have demonstrated that net neutrality benefits content creator and consumers without compromising provider innovation nor pr ...

Twitter rules out Turkey office amid tax row

Apr 16, 2014

Social networking company Twitter on Wednesday rejected demands from the Turkish government to open an office there, following accusations of tax evasion and a two-week ban on the service.

How does false information spread online?

Apr 16, 2014

Last summer the World Economic Forum (WEF) invited its 1,500 council members to identify top trends facing the world, including what should be done about them. The WEF consists of 80 councils covering a wide range of issues including social media. Members come ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Dec 20, 2012
Another scam everyone should be aware of is the Amway Tool Scam. Google StopTheAmwayToolScam for more information, and forward this to every non-IBO you know, so they don't get scammed.
not rated yet Dec 20, 2012

"... some users are not phased ..." [sic]
What, ray-gun jammed?

Oh, you mean 'fazed'.
1 / 5 (1) Dec 20, 2012
Another scam everyone should be aware of is the Amway Tool Scam. Google StopTheAmwayToolScam for more information, and forward this to every non-IBO you know, so they don't get scammed.

Amway is just one of the companies out there doing that. At least they do actually sell products too unlike many of the internet business's you can become involved in. Most of those don't actually sell anything but the package info for a person to sell more package info pretending it's information on how to make money on the net. Most of them basically end up being like the old joke of where you see an ad in the paper that tells you how to make money - send your money - get back a piece of paper telling you to put an ad in a paper that says you will tell people how to make money. Many people have made lots of money on that racket and the internet has made it even simpler to do.

More news stories

Tiny power plants hold promise for nuclear energy

Small underground nuclear power plants that could be cheaper to build than their behemoth counterparts may herald the future for an energy industry under intense scrutiny since the Fukushima disaster, the ...

Hand out money with my mobile? I think I'm ready

A service is soon to launch in the UK that will enable us to transfer money to other people using just their name and mobile number. Paym is being hailed as a revolution in banking because you can pay peopl ...

Classifying cognitive styles across disciplines

Educators have tried to boost learning by focusing on differences in learning styles. Management consultants tout the impact that different decision-making styles have on productivity. Various fields have ...