All the latest UK technology news, reviews and analysis

Google lashes out at Microsoft's Android botnet allegations

06 Jul 2012
Google Android Malware

Google has lashed out at Microsoft researcher Terry Zink, claiming there is no evidence to support his warning that a new botnet is forcing infected Android phones to churn out spam.

The search giant said that its own internal research indicated the spam messages were stemming from PCs as opposed to smartphones in a statement sent to V3 on Friday.

"Our analysis suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they're using," said Google.

The Android botnet reports initially stemmed from Microsoft researcher Terry Zink on 3 July, when he claimed to have discovered evidence that a botnet had successfully infiltrated the Android ecosystem.

In his post Zink warned that a new form of the malware was accessing Yahoo Mail accounts on Android devices to send spam messages.

He also reported tracking the originating IP addresses to Asia, Eastern Europe, South America and the Middle East.

If true the botnet would be the first ever discovered successfully targeting the Android ecosystem.

Since Google's attack Zink has issued a second blog post admitting the spam headers could have been spoofed to make it look like they came from Android devices instead of a PC.

"Yes, it's entirely possible that bot on a compromised PC connected to Yahoo Mail, inserted the message-ID thus overriding Yahoo's own Message-IDs and added the 'Yahoo Mail for Android' tagline at the bottom of the message all in an elaborate deception to make it look like the spam was coming from Android devices," wrote Zink.

"The other possibility is that Android malware has become much more prevalent and because of its ubiquity, there is sufficient motivation for spammers to abuse the platform. The reason these messages appear to come from Android devices is because they did come from Android devices."

Other security vendors have also reported finding evidence that the spam stemmed from Android.

Initially Sophos issued its own report verifying that it too had discovered evidence of a botnet running on infected Android smartphones.

Lookout chief technology officer Kevin Mahaffey suggested that rather than malware on the Android devices, a more likely explanation was the behaviour was attributable to Yahoo's Android email app.

"We’ve reached out to Yahoo with this information and they have acknowledged that their mobile team is actively working on these issues," Lookout said in a company blog.

The news follows on from warnings by security firm Trend Micro that cyber criminals are flocking to the Android ecosystem.

  • Comment  
  • Tweet  
  • Google plus  
  • Facebook  
  • LinkedIn  
  • Stumble Upon  
Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.

View Alastair's Google+ profile

More on Security
What do you think?
blog comments powered by Disqus

BYOD vs CYOD vs BYOC poll

Which approach is your firm taking to managing employees' mobile devices?

Popular Threads

Powered by Disqus
Galaxy S5 vs iPhone 5S vs Nexus 5 showdown

Galaxy S5 vs iPhone 5S vs Nexus 5

We speed test three of the most popular smartphones

Updating your subscription status Loading

Get the latest news (daily or weekly) direct to your inbox with V3 newsletters.

newsletter sign-up button

Data protection: the key challenges

Deduplication is a foundational technology for efficient backup and recovery


iPad makes its mark in the enterprise

The iPad can become a supercharged unified communications endpoint, allowing users to enhance their productivity

Software Development Engineer

Develop: Customise: Configure. Maximise your technical...

Senior Desktop Engineer / Desktop Engineer

Senior Desktop Engineer / Desktop Engineer – The Kent...

IT Service Support Analyst

The Health and Care Professions Council (HCPC) is a regulator...

Senior Analyst Programmer (Application Development) X2

Senior Analyst Programmer (Application Development) X2...
To send to more than one email address, simply separate each address with a comma.