(Ping! Zine Web Tech Magazine) – Analyzed spam samples point to a major botnet problem on mobile OS Android, according to Microsoft employee Terry Zink who recently talked about the issue on his Cyber Security Blog.
“The messages all come from Yahoo Mail servers. They are all from compromised Yahoo accounts. They are sending all stock spam, the typical pump and dump variety that we’ve seen for years,” commented Zink.
However, where Android comes into play is the message ID contained in the spam. “Message-ID: [email protected],” reads one of the messages set as an example in Zink’s blog post.
The Microsoft employee even went so far as to speculate how the botnet was initiated. “I am betting that the users of those phones downloaded some malicious Android app in order to avoid paying for a legitimate version and they got more than they bargained for. Either that or they acquired a rogue Yahoo Mail app,” commented Zink.
Zink wasn’t the only to comment on the presence of the botnet. Chester Wisniewski for Sophos discussed the spam messages, noting they pertained to sales for Viagra, e-cards and penny stocks. Last year in May, Juniper Networks reported that malware on Android has risen by 400% in a timeframe between June 2010 and January 2011.