Android spam botnet discovered by Microsoft researcher

android botnet virus spam emailsAndroid users, beware: Spammers have begun to use Android smartphones to create a global botnet that bombards Web users with bogus emails. The Android botnet was first uncovered by a Microsoft researcher, and has also been confirmed by other cybersecurity experts.

Botnets are mostly illegal networks of computers (usually desktop or laptop PCs) that are controlled by hackers and are regularly used to send out spam. Most often, users do not know that their computers are part of a botnet.

The researcher, Terry Zink, first noticed a slew of “spam samples” that were all coming from “compromised” Yahoo email accounts, he said in a blog post. The messages all contained “stock spam, the typical pump and dump variety that we’ve seen for years.” But after taking a closer look at the Message-ID in the emails, he noticed something interesting: They were all sent from Android devices. To further confirm this, each spam email concluded with the line “Sent from Yahoo! Mail on Android.”

“We’ve all heard the rumors, but this is the first time I have seen it — a spammer has control of a botnet that lives on Android devices,” wrote Zink. “These devices login to the user’s Yahoo Mail account and send spam.”

After looking into the country of origin for the IP addresses associated with the spam emails, Zink discovered that they all originated from parts of the world where wise cybersecurity practices may not be as widespread as they are in the U.S. This includes Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela, according to Zink.

As Zink points out, the “odds of downloading and installing a malicious Android app is pretty low if you get it from [Google Play].” So it is most likely that the virus that turns these Android devices into a botnet like came as part of apps available from third-party websites, some of which offer bogus, free versions of popular apps.

“I am betting that the users of those phones downloaded some malicious Android app in order to avoid paying for a legitimate version and they got more than they bargained for,” wrote Zink. “Either that or they acquired a rogue Yahoo Mail app.”

Sophos security expert Chester Wisniewski recommends in a blog post about the botnet that Android users “exercise caution when downloading applications for their devices and definitely avoid downloading pirated programs from unofficial sources,”

In statement made to the BBC, a Google spokesperson said that the company “saw a 40 percent decrease in the number of potentially malicious downloads from Google Play” in both the first and second halves of 2011.

“Last year we also introduced a new service into Google Play that provides automated scanning for potentially malicious software without disrupting the user experience or requiring developers to go through an application approval process,” the spokesperson added.

If you have downloaded apps that you believe may contain malware, your safest bet is to update your device to the newest version of Android available for your handset.

Mobile

Qualcomm's 3D Sonic fingerprint sensor could make your next phone more secure

Almost exactly a year after the launch of the Snapdragon 845, Qualcomm took the wraps off of its next-generation mobile platform, the new Snapdragon 855. The new chip puts an emphasis on A.I. performance.
Computing

Protect yourself from the latest malware with the best free antivirus software

Malware, spyware, and adware is never fun to find on your PC. Check out our picks for the best free antivirus software, so you can rid your system of any dangerous software that might be lurking around.
Mobile

Sony rumored to favor Qualcomm's new superchip for upcoming Xperia XZ4

Sony may have released the Xperia XZ3 in the past few months, but already it's preparing to release a follow-up, the Xperia XZ4. We're learning plenty about the phone now some details have started to leak out, and it's getting exciting.
Mobile

No, OnePlus won’t be first with Snapdragon 855, and 5G phone may cost $850

OnePlus will be among the first companies to put the new Snapdragon 855 processor into a phone, and will also release a separate and more expensive 5G phone in 2019 with the help of U.K. network EE.
Mobile

Google confirms Allo chat app will shut down in 2019

Another day, another messaging app reportedly shutting down. Following reports of Google Hangouts shutting down, Google Allo might be next. While Google has yet to confirm, the tech giant may be putting an end to the chat app soon.
Mobile

The Nokia 8.1 is a Pie-powered midrange phone that’s not coming to the U.S.

Nokia's latest addition is the Nokia 8.1, a good-looking phone with a huge display, powered by the Snapdragon 710, and a claimed two-day battery life. But it won't be coming to the U.S.
Mobile

You forgot all about these 5 phones of 2018. Prepare to forget them again

The best phones of the year are memorable, exciting, and ones we all want to buy. But what about the others? We're not talking about bad phones, we're talking about forgettable phones -- ones that aren't even bad enough to be remembered.
Mobile

Upcoming Samsung Galaxy S10 models may have two, three, or even four rear lenses

While we still may be months away from an announcement, there's no doubt about it: Samsung is working hard on its successor to the Galaxy S9. Here's everything we know about the upcoming Samsung Galaxy S10.
Mobile

Galaxy Watch vs. Apple Watch Series 4: Which one is the smartest?

The Samsung Galaxy Watch and the Apple Watch Series 4 are two of the best smartwatches available today. But which is better? We put the two watches head-to-head to find out which you should buy.
Wearables

The $200 TicWatch C2 smartwatch is now being sold in the U.S. and U.K.

Digital well-being and disconnecting from your phone is one of 2018's big trends. Mobvoi wants you to think about its TicWatch C2 smartwatch as a great way to help you use your phone less.
Mobile

The Palm has been revived, and is now available in the U.S. and U.K.

A reboot of the classic Palm is finally here and it's tiny. It syncs to your phone and acts as a secondary device -- with a feature to help you disconnect from technology. The Palm will be available exclusively through Verizon for $350.
Mobile

Yes, we really are getting a special McLaren edition of the OnePlus 6T

OnePlus has announced a partnership with McLaren F1, emphasizing a shared interest in speed. The phone company is known for producing special edition devices. Here's what we know about the OnePlus 6T Mclaren Edition.
Product Review

Montblanc Summit 2 offers smart functionality but still looks good with a suit

Montblanc’s Summit 2 is the first smartwatch to use Qualcomm’s Snapdragon Wear 3100 processor. It’s feature packed, with GPS, NFC for Google Pay, and a heart rate sensor, but it also has the classic timepiece look.
Mobile

5G’s arrival is transforming tech. Here’s everything you need to know to keep up

It has been years in the making, but 5G is finally becoming a reality. While 5G coverage is still extremely limited, expect to see it expand in 2019. Not sure what 5G even is? Here's everything you need to know.