

Spam from an Android botnet - brudgers
http://blogs.msdn.com/b/tzink/archive/2012/07/03/spam-from-an-android-botnet.aspx

======
caf
Isn't it possible that the spammers are using the API used by Yahoo's Android
application from the usual compromised desktop machines, rather than from
Android devices themselves? All of the information required to do so would be
available from analysis of the Yahoo Android application.

------
gurkendoktor
I've asked a classmate about Android security recently and he complained about
downloading a fake Yahoo mail app by accident. He only realized this after
friends asked him what was up with the spam.

Just an anecdote, but I found it interesting that it was about the same
freemail service as the OP. I haven't been able to Google a written report of
it up though.

------
jpxxx
Both Message-ID spoofing/reuse and dressing up the message body to look like
it was coming from a mobile device would probably rank the spam's quality
lower than otherwise.

Occam's razor argues that this genuinely did come from an Android OS, and
statistics argues that this is a smartphone.

It isn't certain fire, but this is definitely smoke. And it is terrible news
for carriers and customers alike.

------
Zenst
Well it's not new and it won't be the last. But when the spam potentially means
extra income from data usage for the mobile telcos I do wonder how helpful
they will be in stamping this out. I know email can be forged and the aspect
that there is a bot running on a mobile phone telling everybody it's an Android
is something that doesn't prove it came from an Android phone - could be an iPhone
for all we know. Without the bot/spyware/evil program being pointed at and
caught in the act with wifi sniffers then there is no evidence that is
tangible. You can send emails out that look like they come from an iPhone69 in
the headers, doesn't mean that an iPhone69 exists.

But if people install a non-vetted application then they will get unvetted
results.

Now if only the governments really stamped hard on SPAM, maybe if the music
industry had a vested interest then it would soon get stamped out. It's a fine
revenue that governments could tap into and the public really won't be
complaining for once. Please governments - go get hard on SPAM and levy huge
fines and make us all happier.

~~~
rst
It depends what else the phones are being used for. If they are regularly
pulling down audio data for the web, or even fat, non-mobile-ized web pages,
on a regular basis, then the incremental bump from a few dozen spam emails a
day might be hard to notice...

------
rbanffy
I'd like to see some numbers. How many phones are part of the botnet and how
many messages is this botnet sending?

------
TheDigitalNInja
Maybe they just are stamping that on it to try and get past spam filters?

~~~
tubbo
It seems far more likely to me that this is the case.

------
peteretep
It's also not unusual in at least one of those countries (Thailand) to go to a
shopping mall and give your phone to someone who'll install a gazillion apps
on it for you.

------
J3L2404
"I am betting that the users of those phones downloaded some malicious Android
app in order to avoid paying for a legitimate version and they got more than
they bargained for."

Not using a vetted marketplace is a dangerous security gamble as the author
claims the passwords were probably taken by a keylogger.

