Microsoft employee finds evidence of Android botnet

If you read this website, chances are you are familiar with the concept of a botnet. It's a series of PCs that are all infected with malware and are used by the software's creators, mostly to send spam emails to others. Microsoft has made a big effort to stamp out PC botnets. In fact, it announced just this week that it named two defendants in its takedown of the Zeus botnet.

Now a Microsoft engineer named Terry Zink has announced he may have discovered a new botnet, but it's not installed on any PCs. In a post on his MSDN blog, Zink writes that he has been seeing samples of spam emails generated from Yahoo Mail accounts. However, these spam mails seem to be coming from Android devices.

Zink writes, "We’ve all heard the rumors, but this is the first time I have seen it – a spammer has control of a botnet that lives on Android devices.  These devices login to the user’s Yahoo Mail account and send spam." He adds, "I am betting that the users of those phones downloaded some malicious Android app in order to avoid paying for a legitimate version and they got more than they bargained for.  Either that or they acquired a rogue Yahoo Mail app."

Android devices tend to have more malware infections than any other smartphone OS. However, as Zink himself notes, users who download their apps from the Google Play store usually don't have anything to worry about.

Source: Terry Zink's Cyber Security blog


18 Comments


They should just add a filter option to any mail client or service to blacklist anything coming from an Android device - I sure as hell would use it

Interesting that an engineer of a direct competitor of Android would be writing this. I don't care, I'd still rather Android than any other phone available today.

Nucleotide said,
Interesting that an engineer of a direct competitor of Android would be writing this. I don't care, I'd still rather Android than any other phone available today.

Then you, sir, are blind, and a fool... This is the same as if someone told you don't eat that or you'll die, and you do anyway. Someone is warning you about potential serious cyber harm, and you ignore it.

-=MagMan=- said,

Then you, sir, are blind, and a fool... This is the same as if someone told you don't eat that or you'll die, and you do anyway. Someone is warning you about potential serious cyber harm, and you ignore it.

Every device is a potential serious cyber harm if you're stupid enough. There is no reason to stop using Android just because some dumbasses managed to get their phones infected.

Nucleotide said,
Interesting that an engineer of a direct competitor of Android would be writing this. I don't care, I'd still rather Android than any other phone available today.

Same for me when Google said that Windows and IE are not safe

Lamp Post said,

Every device is a potential serious cyber harm if you're stupid enough. There is no reason to stop using Android just because some dumbasses managed to get their phones infected.

considering botnets usually are bigger than the few 'techies' with a rooted android device.

Lamp Post said,

Every device is a potential serious cyber harm if you're stupid enough. There is no reason to stop using Android just because some dumbasses managed to get their phones infected.

The problem with Android is users don't have to be stupid. There are ways to access it without social engineering.

Picking an exploit that isn't patched on earlier Android versions is an easy way.

Or take advantage of Android not doing proper security checks during App installing, you can piggy back 'Official Google' Apps via a compromised router or other point between you and the Google market.

Lamp Post said,

Every device is a potential serious cyber harm if you're stupid enough. There is no reason to stop using Android just because some dumbasses managed to get their phones infected.

so tell me, which other OS has problems of a freaking botnet? there are more iOS devices on net than droids but somehow Apple users don't spray their contacts with crap... or at least that's intentional

there's no reason to stop using android, but reason for google to get its crappy act together and do something about the junk they created - if not, THAT will be the reason to stop using these sorry excuses for phones... the non-existent support google provides ensures plenty of low version android phones so even if some paradigm shift occurs security-wise there will be millions and millions of these craps... better to throw all against the wall, they're worthless either way

Edited by deleted_acc, Jul 5 2012, 1:03pm :

Morden said,

so tell me, which other OS has problems of a freaking botnet? there are more iOS devices on net than droids but somehow Apple users don't spray their contacts with crap... or at least that's intentional

there's no reason to stop using android, but reason for google to get its crappy act together and do something about the junk they created - if not, THAT will be the reason to stop using these sorry excuses for phones... the non-existent support google provides ensures plenty of low version android phones so even if some paradigm shift occurs security-wise there will be millions and millions of these craps... better to throw all against the wall, they're worthless either way

Obviously, because the iPhone has never had a single security flaw or issue with an app doing something it wasn't supposed to/without the knowledge of the owner. Never.

Then again, at least Android, the sorry excuse for a phone, has always done the main purpose of a phone flawlessly. That is, making phone calls. Unlike Apple who can't even design a proper antenna. How about that 4G also? How's that working on your iPhone... oh sorry. We can go on and on about 'sorry excuses' and other things but honestly it's not worth it.

Oh nooz, software has a security flaw. This has never happened and we must flame and troll about it.

neonspark said,
LOL so much for android security. what a mess.

The very same thing could happen on a WP7.5 handset that is interop unlocked.
This is why I haven't done that on my device(s).

Yahoo is CRAP anyway. Their email system has really gone downhill. I only use it to sign up for websites/forums and I get spam every day. I keep getting viruses on their servers so I had to remove all contacts from my list so they wouldn't get virus emailed.

... betting that the users of those phones downloaded some malicious Android app in order to avoid paying for a legitimate version

Well there's your problem.

Varemenos said,
That's what you get for downloading patched/cracked apps.

If they're all from foreign IPs, I'd say it's just an app the spammers use that happens to use the Yahoo app. Since all the SPAM emails I get are from Yahoo addresses, I'm not surprised.

If it is actually malware, why wouldn't it affect other email services? Have to use a little common sense. Why only send email from PCs, when you can use your phone also?