A Microsoft engineer has discovered and identified an Android-based botnet capable of spamming on a huge international scale.
Microsoft engineer Terry Zink discovered the huge botnet harnessing Android devices to send out masses of spam emails.
Although Android malware is on the rise and there have been multiple discoveries of apps making money by sending expensive SMS messages, this malware sends unsolicited emails from the device through the Yahoo Mail servers.
As the spam messages were signed with the Android Yahoo mobile signature, Zink believes that a cybercriminal has developed a new piece of malware to access Yahoo Mail accounts on Android devices and send spam messages from them. As this is happening on a large scale, it is natural to assume that the same cybercriminal has linked the Android devices together to create a botnet, enabling spam to be sent out on a massive scale.
Since Yahoo provides the originating IP address for emails, Zink was able to list the regions from which the spam is being sent: Asia, Eastern Europe, the Middle East, and South America.
Using the originating IP address for the emails (provided by Yahoo), Zink discovered that the mail came from Chile, Indonesia, Lebanon, Oman, the Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela.
Many of these countries are in the developing world, leading the Microsoft engineer to argue that users were more than likely trying to download pirated versions of apps to avoid paying. Unbeknown to them, they were actually tricked into downloading a fake version of the Yahoo Mail app which was infected with the spam-sending malware.