Researchers at Microsoft and Sophos say they believe malware-infected Android phones are sending spam via Yahoo Mail accounts as part of a botnet, but Google and mobile firm Lookout say there could be other explanations.
Terry Zink, a program manager for Microsoft Forefront Online Security, said in a blog post two days ago that he had found some spam samples that had this Message-ID:
"<1341147286.19774.androidMobile@web140302.mail.bf1.yahoo.com>."
That was followed by speculation from Chester Wisniewski at Sophos, who wrote in a blog post today: "It is likely that Android users are downloading Trojanized pirated copies of paid Android applications. The samples we analyzed originated in Argentina, Ukraine, Pakistan, Jordan and Russia. The widespread nature of source devices is unusual as most Android malware is not downloaded from Google Play, but localized "off market" download sites."
Zink then wrote an updated post today that acknowledged that the spam headers could be spoofed to look like they originate on Android devices.
Related stories
- ... [Read more]
No comments:
Post a Comment