Android Spam Botnet on Loose

Friday, July 6, 2012 @ 02:07 PM gHale

Android malware running as a spam botnet is generating increased revenue for cyber criminals.

The malware, which is coming from downloading pirated programs from unofficial app stores, takes advantage of compromised devices by sending advertisements for discounted pills, worthless penny stocks and dubious electronic greeting cards.

Bypassing Bouncer Android Security
Defensive Struggle: Android Under Attack
Alternative Android Market Warning
Android Malware via Twitter

“The messages appear to originate from compromised Google Android smartphones or tablets,” said senior security advisor at Sophos Canada, Chester Wisniewski. “You can imagine the cellular phone bill you might receive if your phone is being used to download and spam out thousands of these messages.”

Sophos analysed samples of the malware that originated in Argentina, Ukraine, Pakistan, Jordan and Russia. It found texts such as “Now offering medications for Weight Loss, Diabetics, Pain Reduction!” and “Viagra+Cialis Super Active, Alprazolam, Vicodin etc…Pick up you’re meds for 75 per cent off today.”

Other samples employ images and animated gif files to promote discounted pharmacy products, preying on those too embarrassed to go to doctors.

Users should stick to official app stores such as Google and Amazon for downloading apps and programs for their smartphones and tablets, Wisniewski said.

“It is likely that Android users are downloading Trojanized pirated copies of paid Android applications,” he said. “The widespread nature of source devices is unusual as most Android malware is not downloaded from Google Play, but localized ‘off market’ download sites.”

The discovery comes only a day after Trend Micro said mobile malware quadrupled between the first and second quarters this year, adding fears that security threats facing Android devices are increasing.

Leave a Reply

You must be logged in to post a comment.