Spam: an Android botnet

A botnet has been discovered which sends spam messages to Android devices.

Program Manager for Microsoft Security Online, Terry Zink has updated a botnet which controls Android devices. This botnet is used to send massive amounts of spam.

Terry Zink has come to this conclusion following the analysis of a sample of headers which contain the: "Sent form Yahoo! Mail on Android" signature. He has traced these messages to Chile, Indonesia, Libran, Oman, the Philippines, Russia, Saudi Arabia, Thailand, the Ukraine and Venezuela.

For the infection, he suggests that Android device users have unwittingly downloaded malicious applications to avoid paying for legitimate applications or they have acquired a corrupted Yahoo! Mail application.

This is the first time that he has noticed the existence of a botnet on Android devices which are under the controller of the spammer.

Security company Sophos confirms the existence of this botnet, pointing out that most Android malware isn’t downloaded from Google Play but via “off market” download sites.

"Android users will have to be careful when they download applications for their devices if they want to absolutely avoid hacked programs from unofficially sources" writes Chester Wisniewski from Sophos. While he recognizes that even though Google Play isn’t always able to hunt out all malware from their site, the risks are considerably lower when applications are downloaded from official channels.

Among the analysed spam were messages with only text, and others with some pictures. An example is cited of an online pharmacy which sells well known blue pills.