Android Malware Botnet Claims Doubted as Researchers Review Evidence
(
Page 1 of 3 )
Two Internet security researchers who
recently reported their findings of an Android botnet that pushes spam to
users’ Yahoo email accounts now say they might have jumped the gun.
In an update from The Wall Street Journal,
the two researchers aren’t as sure that their original claims about the alleged
Android malware and botnet are correct.
“Chester Wisniewski, senior security
adviser at Sophos, said he is
rechecking his findings after Google and some other security researchers
disputed findings of an Android ‘botnet,’ or a cluster of computers hijacked by
hackers,” The Journal
reported in its Digits blog. “In
an interview Thursday, Mr. Wisniewski said that the spam he identified
generated by Yahoo’s free Web-based email service was different than normal
patterns of email spam but ‘we don’t know for sure that it’s coming from
Android devices.’”
The other security researcher, Microsoft
engineer Terry Zink, also backtracked on his original report about the alleged
Android malware, stating
in a follow-up post “that he also didn’t know for sure that Android
devices had been compromised,” according to The Journal. “Yes, it’s entirely possible that bot on
a compromised PC connected to Yahoo Mail’ and inserted the ‘Yahoo Mail for
Android’ tagline at the bottom of the spam messages ‘to make it look like the
spam was coming from Android devices,’ he wrote.”
Google, which owns and develops the Android
mobile operating system, continues to deny the researchers’ claims since the
first reports were released. “The evidence we’ve examined does not support the
Android botnet claim,” the company said in a statement through a
spokesman. “Our analysis so far suggests that spammers are using infected
computers and a fake mobile signature to try to bypass anti-spam mechanisms in
the email platform they’re using. We’re continuing to investigate the details.”
The original reports from the two security
researchers stated that the alleged malware
would get into a user’s smartphone through a rogue app, which then used
users’ Yahoo free email accounts to send out spam, according to an earlier
story on eWEEK.com. “Microsoft engineer Terry Zink said he found
spam samples coming from compromised Yahoo email accounts, but then noted that
they were being sent from Android mobile devices.”
“We’ve all heard the rumors, but this is the
first time I have seen it—a spammer has control of a botnet that lives on
Android devices,” Zink originally wrote in a blog
post July 3. “These devices log in to the user’s Yahoo Mail account and
send spam. … The messages all come from Yahoo Mail servers. They are all from
compromised Yahoo accounts. They are sending all stock spam, the typical pump
and dump variety that we’ve seen for years.”
Now, though, there are questions about the
validity of those initial claims in this case.
Article source: http://feeds.ziffdavisenterprise.com/~r/RSS/eweeksecurity/~3/x2gqIMdMCfs/
