Smartphones and tablets powered by the Google-spearheaded Android mobile operating system have been hijacked by a botnet, a Microsoft engineer has revealed.
Writing on his MSDN blog, Terry Zink says that botnet operators are controlling Android devices to send out spam.
For the uninitiated, botnets are networks of infected computers that hijackers pilfer information from or use to send out spam messages or carry out actions like distributed denial-of-service attacks.
However, botnets are usually formed from compromised laptop and desktop computers.
According to the Microsoft researcher, all the messages come from Yahoo Mail servers, which points to the use of compromised Yahoo accounts. All the emails contain “stock spam, the typical pump and dump variety that we’ve seen for years,” but they are also all carrying the Message-ID “1341147286.19774.androidMobile@web140302.mail.bf1.yahoo.com”.
At the bottom of all the spam emails, the following is also written: “Sent from Yahoo! Mail on Android”.
“We’ve all heard the rumors, but this is the first time I have seen it – a spammer has control of a botnet that lives on Android devices. These devices login to the user’s Yahoo Mail account and send spam,” Zink writes.
It’s important to note, however, that Microsoft makes an operating system – the Windows Phone mobile OS – which is a direct competitor to Android.
Needless to say, if botnet operators are compromising Android devices, we all should be wary. Android is the leading mobile OS in terms of market share in the world.
Zink then traced the emails using IP addresses embedded in the headers of the emails, and he says they are geo-located to “Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela.”
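As an added illustration (not code from Zink's post or from this article), the Python sketch below checks a raw message for the two strings quoted above and pulls the earliest non-internal IP address from its Received headers, the value a mail administrator would then geo-locate. The bracketed-IP Received format, the function names and the sample addresses are assumptions.

```python
import email
import ipaddress
import re
from email import policy

# Indicators quoted in the article: the ".androidMobile@...yahoo.com"
# Message-ID shape and the Yahoo Android app footer line.
MSGID_RE = re.compile(r"^<?\d+\.\d+\.androidMobile@[\w.-]+\.yahoo\.com>?$", re.I)
FOOTER = "Sent from Yahoo! Mail on Android"
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def origin_ip(msg):
    """First non-internal bracketed IPv4, walking Received headers oldest-first."""
    for hop in reversed(msg.get_all("Received", [])):  # bottom header = first hop
        for cand in IP_RE.findall(str(hop)):
            try:
                ip = ipaddress.ip_address(cand)
            except ValueError:  # malformed octets such as [999.1.1.1]
                continue
            if not any(ip in net for net in INTERNAL):
                return str(ip)
    return None

def classify(raw):
    """Report which of the article's indicators a raw RFC 5322 message carries."""
    msg = email.message_from_string(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    hits = []
    if MSGID_RE.match(str(msg.get("Message-ID", "")).strip()):
        hits.append("message-id")
    if FOOTER in text:
        hits.append("footer")
    return {"indicators": hits, "origin_ip": origin_ip(msg)}

# Constructed sample: only the Message-ID and footer come from the article;
# the Received lines, dates and addresses (documentation ranges) are made up.
SAMPLE = "\n".join([
    "Received: from mta.example.net ([198.51.100.20]) by mx.example.org; Sun, 1 Jul 2012 13:00:00 +0000",
    "Received: from [203.0.113.7] by web140302.mail.bf1.yahoo.com via HTTP; Sun, 1 Jul 2012 12:54:46 +0000",
    "Message-ID: <1341147286.19774.androidMobile@web140302.mail.bf1.yahoo.com>",
    "Content-Type: text/plain",
    "",
    "Buy this stock now.",
    "Sent from Yahoo! Mail on Android",
])
```

Both strings can be forged by a sender, so a match is a lead to correlate with other evidence rather than proof that an Android device was compromised.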
“I am betting that the users of those phones downloaded some malicious Android app in order to avoid paying for a legitimate version and they got more than they bargained for. Either that or they acquired a rogue Yahoo Mail app,” he says.
The Microsoft researcher explains that he’s mentioned previously that “Android has the most malware compared to other smartphone platforms, but your odds of downloading and installing a malicious Android app is pretty low if you get it from the Android Marketplace. But if you get it from some guy in a back alley on the Internet, the odds go way up.”
“This is the next evolution in the cat-and-mouse game that is email security,” Zink warns.
This discovery of an Android botnet that sends out spam messages comes on the heels of Trend Micro recently revealing that Android malware quadrupled in the second quarter of this year.
Image from jainaj on Flickr (CC)