Android smartphones 'used for botnet', researchers say
- Published
Smartphones running Google's Android software have been hijacked by an illegal botnet, according to a Microsoft researcher.
Botnets are large illegal networks of infected machines - usually desktop or laptop computers - typically used to send out masses of spam email.
Researcher Terry Zink said there was evidence of spam being sent from Yahoo mail servers by Android devices.
Microsoft's own platform, Windows Phone, is a key competitor to Android.
The Google platform has suffered from several high-profile issues with malware affected apps in recent months.
The official store - Google Play - has had issues with fake apps, often pirated free versions of popular paid products like Angry Birds Space or Fruit Ninja.
This latest discovery has been seen as a change of direction for attackers.
"We've all heard the rumours," <link> <caption>Mr Zink wrote</caption> <url href="http://blogs.msdn.com/b/tzink/archive/2012/07/03/spam-from-an-android-botnet.aspx" platform="highweb"/> </link> in a blog post.
"But this is the first time I have seen it - a spammer has control of a botnet that lives on Android devices.
"These devices login to the user's Yahoo Mail account and send spam."
Bad guys
He said analysis of the IP addresses used to send the email revealed the spam had originated from Android devices being used in Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela.
As is typical, the spam email looks to tempt people into buying products like prescription drugs.
Security expert Graham Cluley, <link> <caption>from anti-virus firm Sophos</caption> <url href="http://nakedsecurity.sophos.com/2012/07/05/android-botnet-wants-to-sell-you-viagra-penny-stocks-and-e-cards/" platform="highweb"/> </link> , said it was highly likely the attacks originated from Android devices, given all available information, but this could not be proven.
This was the first time smartphones had been exploited in this way, he said.
"We've seen it done experimentally to prove that it's possible by researchers, but not done by the bad guys," he told the BBC.
"We are seeing a lot of activity from cybercriminals on the Android platform.
"The best thing you can do right now is upgrade your operating system, if that's possible.
"And before you install apps onto your device, look at the reviews, because there are many bogus apps out there."
Google told the BBC it did not respond to queries about specific apps but was working to improve security on the Android platform.
"We are committed to providing a secure experience for consumers in Google Play, and in fact our data shows between the first and second halves of 2011, we saw a 40% decrease in the number of potentially malicious downloads from Google Play," a spokesman said.
"Last year we also introduced a new service into Google Play that provides automated scanning for potentially malicious software without disrupting the user experience or requiring developers to go through an application approval process."
- Published3 March 2011