Android malware
A Microsoft engineer named Terry Zink announced via his MSDN blog that he has found evidence of a new botnet. However, this isn’t installed on PCs like botnets usually are, but instead on Android devices. The ghost Androids will form an Android botnet and use Yahoo Mail accounts to send out spam emails. The compromised Androids will listen for commands sent from a remote server controlling the botnet.
Terry came across spam that contained the following Message-ID:
Message-ID: <1341147286.19774.androidMobile@web140302.mail.bf1.yahoo.com>
Furthermore, it also included the Android signature at the bottom of the mail:
Sent from Yahoo! Mail on Android
This is just one example of many mails that he discovered. While digging deeper, he found out that Yahoo stamps the origin IP address in the header. This makes it possible to trace the origin of where these mails were sent from. Terry found mails sent from the following countries: Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela.
So this isn’t just a single mail sent from one compromised device. This is a widespread problem that can’t really be fixed in Android. As long as users are able to install the software they want, they’ll also be able to install malware. Users can be tricked in to downloading malicious software, and this is quite possible the way this malware is spreading. You think that you install an official Yahoo Mail client, but in fact you are installing malware together with Yahoo’s Mail client.
Google Play is the only secure way to install software on Android. You should never rely on insecure .APK files. Another option is to switch from Android to iOS or Windows Phone, the two systems that are closed and secure. By using a closed system you’ll need to download software from the App Store/Marketplace, i.e. the code will be pre-checked by Apple or Microsoft ensuring the users safety.
Read more: viaLike this post? Like us on Facebook to see when a new post is published.
