As it turns out, mobile malware that targets Android devices is not used only to steal sensitive information and send SMS messages to premium rate numbers. A number of experts have found a spam botnet that’s made of infected Android phones and tablets.
Microsoft engineer Terry Zink and Sophos experts have independently discovered spam messages being sent out from compromised Android devices.
According to the researchers, the unsolicited advertisements are being sent via Yahoo’s free mail service to promote all sorts of shady products, mainly ones offered by rogue pharmacy websites.
Here’s a sample email:
Incredible National Rx Store
Now offering medications for Weight Loss, Diabetics, Pain Reduction!!! Reduced Prescription's Cialis Super Active, Alprazolam, Vicodin etc...
Pick Up You're Meds for 75% Off Today
Sent from Yahoo! Mail on Android
“You can imagine the cellular phone bill you might receive if your phone is being used to download and spam out thousands of these messages,” Chester Wisniewski of Sophos explained
“Even if you thought you were going to buy some counterfeit Viagra from criminals because you are too embarrassed to see your physician, it is still a classic bait and switch.”
Zink has tracked the IP addresses responsible for sending the spam and identified countries such as Chile, Ukraine, Venezuela, Russia, Oman, Indonesia, Lebanon, Philippines, Saudi Arabia and Thailand.
All those who have analyzed this botnet agree that the pieces of malware that power it are most likely served on shady Android app markets. There’s also the chance that a rogue Yahoo! Mail application may be the cause.
“This ups the ante for spam filters. If people download malicious apps onto their phone that capture keystrokes for their email software, it makes it way easier for spammers to send abusive mail. This is the next evolution in the cat-and-mouse game that is email security,” Zink concluded