Last week, a Microsoft engineer claimed in a blog post that he had found evidence of a botnet that was using malware installed on Android-based devices. Now Android creator Google is disputing those claims, saying that the malware in question actually came from infected PCs.
The BBC reports that, according to a statement from Google, "Our analysis suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they're using." Google added that, according to their reasoning, email spammers might take this approach to help get around email spam boxes that might not block an email coming from an Android smartphone or tablet.
Meanwhile, Terry Zink, the Microsoft team member that came up with his Android botnet theory, wrote a follow-up post on his blog. He did admit that it was "entirely possible" that the email addresses he had discovered were spoofed and made to look like they came from an Android product. He added:
On the other hand, the other possibility is that Android malware has become much more prevalent and because of its ubiquity, there is sufficient motivation for spammers to abuse the platform. The reason these messages appear to come from Android devices is because they did come from Android devices. Before writing my previous post, I considered both options but selected the latter.
There is also a link in Zink's blog to an earlier BBC story, which quotes Graham Cluley, from the software security firm Sophos. He states, "We've seen it done experimentally to prove that it's possible by researchers, but not done by the bad guys. We are seeing a lot of activity from cybercriminals on the Android platform."
Despite Google's claim to the contrary, it seems clear that an Android-based botnet is well within the realm of possibility and that it may be running right now.
Source: BBC website