We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
78,713 News Articles

New Android Malware Uses Phones as Spam Botnet

The messages are being propagated through Yahoo's mail service and promote counterfeit Viagra and other pharmaceuticals.

Researchers at security firm Sophos say they have discovered malware for Android phones that is used as a spam botnet. Spam messages are being sent from Google Android phones and tablets, all of which have been propagated through Yahoo's mail service, promoting counterfeit Viagra and other pharmaceuticals.

This seems to be a new form of malware for Android users. Researchers have already unveiled schemes for cybercriminals to make money from capturing SMS messages used for online banking logins, or by sending premium-rate SMS messages without the users' knowledge.

The source of the spam botnet seem to be users who downloaded pirated copies of paid Android apps that which were infected with trojans, said Chester Wisniewski, a senior security adviser at Sophos Canada. Some the spam messages are text-only, while others are graphic, and some are even animated.

So far, the security firm has analyzed samples of the spam originating from Argentina, Ukraine, Pakistan, Jordan and Russia. The malware does not appear to be coming from apps download from Google's official app store, Google Play -- but from localized third-party download sites where users can get pirated versions of paid apps for Android.

"Android users should exercise caution when downloading applications for their devices and definitely avoid downloading pirated programs from unofficial sources," Wisniewski advised. "Google, Amazon and others may not be perfect at keeping malware off of their stores, but the risk increases dramatically outside of their ecosystems."

Security firm Symantec also found in its latest annual report that mobile malware threats are almost exclusive to Google's open mobile OS, with an increase by more than 93 percent over the last year. The report found more than half of all Android threats collect device data or track users' activities.

Follow Daniel Ionescu and Today @ PCWorld on Twitter


IDG UK Sites

Top 5 Android tips and tricks for smartphones and tablets

IDG UK Sites

How to join Apple's OS X Beta Seed Program: Get OS X Yosemite on your Mac before public release

IDG UK Sites

Why the BBC iPlayer outage was caused by a DDoS attack: Topsy and Tim isn't *that* popular

IDG UK Sites

BBC using Glasgow 2014 Commonwealth Games to trial 4K/UHD, pan-around video, augmented video and...