Android spam botnet discovered by Microsoft researcher

android botnet virus spam emailsAndroid users, beware: Spammers have begun to use Android smartphones to create a global botnet that bombards Web users with bogus emails. The Android botnet was first uncovered by a Microsoft researcher, and has also been confirmed by other cybersecurity experts.

Botnets are mostly illegal networks of computers (usually desktop or laptop PCs) that are controlled by hackers and are regularly used to send out spam. Most often, users do not know that their computers are part of a botnet.

The researcher, Terry Zink, first noticed a slew of “spam samples” that were all coming from “compromised” Yahoo email accounts, he said in a blog post. The messages all contained “stock spam, the typical pump and dump variety that we’ve seen for years.” But after taking a closer look at the Message-ID in the emails, he noticed something interesting: They were all sent from Android devices. To further confirm this, each spam email concluded with the line “Sent from Yahoo! Mail on Android.”

“We’ve all heard the rumors, but this is the first time I have seen it — a spammer has control of a botnet that lives on Android devices,” wrote Zink. “These devices login to the user’s Yahoo Mail account and send spam.”

After looking into the country of origin for the IP addresses associated with the spam emails, Zink discovered that they all originated from parts of the world where wise cybersecurity practices may not be as widespread as they are in the U.S. This includes Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela, according to Zink.

As Zink points out, the “odds of downloading and installing a malicious Android app is pretty low if you get it from [Google Play].” So it is most likely that the virus that turns these Android devices into a botnet like came as part of apps available from third-party websites, some of which offer bogus, free versions of popular apps.

“I am betting that the users of those phones downloaded some malicious Android app in order to avoid paying for a legitimate version and they got more than they bargained for,” wrote Zink. “Either that or they acquired a rogue Yahoo Mail app.”

Sophos security expert Chester Wisniewski recommends in a blog post about the botnet that Android users “exercise caution when downloading applications for their devices and definitely avoid downloading pirated programs from unofficial sources,”

In statement made to the BBC, a Google spokesperson said that the company “saw a 40 percent decrease in the number of potentially malicious downloads from Google Play” in both the first and second halves of 2011.

“Last year we also introduced a new service into Google Play that provides automated scanning for potentially malicious software without disrupting the user experience or requiring developers to go through an application approval process,” the spokesperson added.

If you have downloaded apps that you believe may contain malware, your safest bet is to update your device to the newest version of Android available for your handset.


To be blunt, the Vuzix Blade smartglasses just don’t cut it

We tried out the Vuzix Blade to find out if it’s worth shelling out $1,000 for smartglasses. Are these augmented reality, Android-powered glasses really ready for primetime or just an expensive gimmick that no one really needs?

Enjoy Windows on a Chromebook with these great tips and tricks

If you want to push the functionality of your new Chromebook to another level, and Linux isn't really your deal, you can try installing Windows on a Chromebook. Here's how to do so in case you're looking to nab some Windows-only software.

Happy Valentine’s Day! Coffee Meets Bagel dating app data may have been breached

Are you planning on using Coffee Meets Bagel to find love on Valentine's Day? If you've been using the app for a while, you'll probably want to change your password -- the company said a data breach may have taken place before May 2018.

Google insists it’s doing what it can to purge Play Store of malicious apps

Google's efforts to provide a secure and safe Play Store for Android users resulted in the company rejecting 55 percent more app submissions in 2018 compared to a year earlier. But the challenge is ongoing.

Windows 7 is still immensely popular. Is it really better than Windows 10?

With the end of support of Windows 7 approaching, have you been holding off on upgrading to Windows 10? In this guide, we give look at some of the biggest differences between the most popular operating systems.

Need a date for Valentine's Day? Cozy up with the best dating apps of 2019

Everyone knows online dating can be stressful, time-consuming, and downright awful. Check out our top picks for the best dating apps, so you can streamline the process and find the right date, whatever you're looking for.
Product Review

Nokia’s 3.1 Plus is an affordable phone that’s crippled by its camera

The Nokia 3.1 Plus is HMD Global’s first smartphone to be sold by a U.S. carrier in-store. It’s only available on Cricket Wireless right now, which underlines its focus on affordability. Should you buy a phone this affordable?

Love music? For audiophiles, the LG G8 ThinQ may be the best phone ever made

LG is expected to release a successor to the LG G7 ThinQ, possibly called the LG G8 ThinQ, this year and rumors about it are already spreading. Here's everything we know about it so far.

Smartwatch sales soared in 2018, with Apple leading the charge

The NPD Group, a market research organization, has reported smartwatch sales soared in 2018. Apple is leading the charge, but it's clear there's still room in the market for competitors, as Samsung and Fitbit also did well.

Love Playmoji pack adds animated Valentine’s stickers to your Pixel photos

Valentine's Day is here, and to celebrate, Google has added the "Love Playmoji" pack to the Playground feature on its Google Pixel camera. The new feature will add cute AR-driven extras to your Pixel photos.

Xiaomi Mi 9 will be one of the first phones with monster Snapdragon 855 chip

Xiaomi's next major smartphone release will be the Mi 9, and the company hasn't held back in giving us a good look at the phone, revealing the design, the camera, and a stunning color.

Galaxy Watch Active isn't official yet, but you can see it in Samsung's own app

Samsung may be about to resurrect its Sport line of smartwatches under a new name: The Galaxy Watch Sport Active. Leaks and rumors are building our picture of the device at the moment.

Stop buying old tablets, says Samsung, buy the new Galaxy Tab S5e instead

Samsung has launched the Galaxy Tab S5e -- the E is for Essential -- a reasonably priced tablet that includes many of the features we like from the Tab A 10.5, and the Tab S4. Here's what you need to know.

Bag yourself a bargain with the best budget tablets under $200

The battle for your budget tablet affections is really ramping up. Which tablet, costing less than $200, should be commanding your attention? We take a look at some different options for the budget-conscious.