Android spam botnet discovered by Microsoft researcher

android botnet virus spam emailsAndroid users, beware: Spammers have begun to use Android smartphones to create a global botnet that bombards Web users with bogus emails. The Android botnet was first uncovered by a Microsoft researcher, and has also been confirmed by other cybersecurity experts.

Botnets are mostly illegal networks of computers (usually desktop or laptop PCs) that are controlled by hackers and are regularly used to send out spam. Most often, users do not know that their computers are part of a botnet.

The researcher, Terry Zink, first noticed a slew of “spam samples” that were all coming from “compromised” Yahoo email accounts, he said in a blog post. The messages all contained “stock spam, the typical pump and dump variety that we’ve seen for years.” But after taking a closer look at the Message-ID in the emails, he noticed something interesting: They were all sent from Android devices. To further confirm this, each spam email concluded with the line “Sent from Yahoo! Mail on Android.”

“We’ve all heard the rumors, but this is the first time I have seen it — a spammer has control of a botnet that lives on Android devices,” wrote Zink. “These devices login to the user’s Yahoo Mail account and send spam.”

After looking into the country of origin for the IP addresses associated with the spam emails, Zink discovered that they all originated from parts of the world where wise cybersecurity practices may not be as widespread as they are in the U.S. This includes Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela, according to Zink.

As Zink points out, the “odds of downloading and installing a malicious Android app is pretty low if you get it from [Google Play].” So it is most likely that the virus that turns these Android devices into a botnet like came as part of apps available from third-party websites, some of which offer bogus, free versions of popular apps.

“I am betting that the users of those phones downloaded some malicious Android app in order to avoid paying for a legitimate version and they got more than they bargained for,” wrote Zink. “Either that or they acquired a rogue Yahoo Mail app.”

Sophos security expert Chester Wisniewski recommends in a blog post about the botnet that Android users “exercise caution when downloading applications for their devices and definitely avoid downloading pirated programs from unofficial sources,”

In statement made to the BBC, a Google spokesperson said that the company “saw a 40 percent decrease in the number of potentially malicious downloads from Google Play” in both the first and second halves of 2011.

“Last year we also introduced a new service into Google Play that provides automated scanning for potentially malicious software without disrupting the user experience or requiring developers to go through an application approval process,” the spokesperson added.

If you have downloaded apps that you believe may contain malware, your safest bet is to update your device to the newest version of Android available for your handset.


Google may charge up to $40 per Android device for app suite following EU ruling

Google announced that it will be charging Android device manufacturers in Europe a licensing fee to use its apps and services. The announcement is part of an effort to comply with new European Commission regulations.

If you're light on memory, these are the best lite apps for Android and iOS

Looking to save data, storage, and reduce performance issues? Lite apps and Progressive Web Apps (PWAs) are the best options. Here's our roundup of lite apps and PWAs for all the most popular apps on the market.

Protect your digital identity with these four easy steps to online anonymity

You don't have to be a secret agent or a notorious hacktivist to care about anonymity. Consult this guide to learn tips, tricks, and best practices for staying anonymous and keeping your online activity private

Number not recognized? Here's why you're receiving calls from 'Scam Likely'

While it may seem like a bold marketing move to tag your calls "Scam Likely," these alerts are actually your carrier's way of helping you identify scams. Here, we'll walk you through what exactly these markers mean and how you can turn them…

Huawei is working on a 5G foldable phone, the Mate 20 X may be its template

Huawei is working on a folding 5G smartphone, according to the company's CEO, Richard Yu. He also provoked speculation the phone may have something in common with the massive Mate 20 X and its 7.2-inch screen.

Master your new Google phone with these handy Pixel 3 and 3 XL tips

If you’re hunting for some Pixel 3 tips to help you get more from your Google phone, then you’ll find them right here. We’ve got tips for shortcuts, camera controls, and more. All these tips will also work for the Pixel 3 XL.
Product Review

Huawei’s monster Mate 20 X makes the Galaxy Note 9 look small

The Huawei Mate 20 X has a 7.2-inch screen, but is surprisingly manageable to hold, yet still a little too big to carry around. Huawei’s pushing the phone’s ability as a mobile gaming handheld, challenging the Nintendo Switch.

The Google Pixel 3 and Pixel 3 XL are now available for purchase

Google's latest flagships, the Pixel 3 and Pixel 3 XL, are now official and we have all the details from the October 9 event in New York City and Paris. Here's everything we know about the Google Pixel 3 and Pixel 3 XL.

The five-camera LG V40 ThinQ is now available from the major carriers

LG has finally taken the wraps off the new LG V40 ThinQ, the company's latest and greatest flagship phone that packs a whopping five cameras. Here's how to buy the new LG V40 ThinQ.

Need a quick battery boost? Try one of our favorite portable chargers

Battery life still tops the polls when it comes to smartphone concerns. If it’s bugging you, then maybe it’s time to snag yourself a portable charger. Here are our picks of the best portable chargers.

How to sell your old Google Pixel or Pixel 2 for the most money

So, it's time for a expensive new smartphone, and you'd like to partially fund the purchase by selling your old Google Pixel. Find all the information you need to get as much money as possible for your Pixel or Pixel 2 here in our guide.

The OnePlus 6T is coming a day earlier, event moved to October 29

According to a recent report, the launch of the OnePlus 6T could be different from any other OnePlus launch in history. How? It could have the backing of a major U.S. carrier. Here's everything we know about the OnePlus 6T.

Camera shootout! Testing the latest Pixel, iPhone, and Galaxy Note in real life

Which takes the best photos, the Pixel 3 XL, iPhone XS Max, Galaxy Note 9, or Pixel 2 XL? We put the cameras on all these top-notch phones through their paces to see which performs best in the real world, from low light to portrait mode…
Product Review

Amazon’s child-friendly tablet is the complete package

Kids are tough on electronics and it’s difficult to police screen time and manage what they’re doing. The Amazon Fire HD 8 Kids Edition could be the affordable answer to your prayers, with a rugged case and worry-free warranty.