Tag: botnets

Updated: Botnet hits Android smartphones, sends spam from Yahoo accounts?

Compromised Yahoo accounts have recently been used by a botnet to send out spam. In this case it’s not a ‘regular ol’ botnet’ living on zombie computers, but one operating out of Android-powered smartphones.

A blogger on the Microsoft blogs named tzink noted this recently, with a lot of commenters posting about the same happening to them. The originating countries can be traced back due to the IPs used: they were Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine and Venezuela.

A quote:

All of these messages are sent from Android devices. We’ve all heard the rumors, but this is the first time I have seen it – a spammer has control of a botnet that lives on Android devices. These devices login to the user’s Yahoo Mail account and send spam.

 

Apparently citizens of the developing world are less strict about security on their smartphones. In this case tzink suspects that malicious software disguised as a free app is part of the botnet.

However, one commenter thinks it’s just the malicious Android app itself signing up for new Yahoo accounts, and not using existing Yahoo email accounts:

With all of the samples I’ve seen, the Yahoo! email address follows the same format (FirstnameLastname followed by 2 numeric characters @yahoo.com). This would suggest it is simply a botnet which has circumvented the Yahoo! Android sign-up API to create new accounts rather than those being people’s actual email addresses.

 

Spam filters will have a tougher time distinguishing good email from bad email if these emails are being sent from/by normally legitimate Yahoo email accounts. They should be able to filter by content though, as tzink notes that the spam message content

Email spam volume has been dropping in recent times, but this jump into the smartphone arena by a botnet makes it clear that we’re not yet finished with the spam game.

Remember, there’s always a way to handle spam: don’t forget to read ‘Help, I’ve received spam from $company! What to do now?’

Update 1: according to a post on The Verge, Google denies that Android smartphones have been compromised and a botnet is sending out the emails.

From the end of that article:

There’s still a definite possibility that this is indeed an Android botnet of some sort, and both researchers claim the evidence points that direction, but we’re far less certain than we were before, and a little less trusting, too.

The spam was supposedly sent using a spoofed mobile email signature, bypassing spam filters. Because of that mobile email signature, the messages are/were considered to be coming from Android smartphones, but that is now uncertain.
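The sender format the commenter describes, applied as a batch triage heuristic over constructed sample messages; this is an added example, not code from this post, from tzink or from the commenter. The capitalisation rule, the `min_distinct` threshold and the function names are assumptions.

```python
import re
from collections import Counter
from email import message_from_string
from email.utils import parseaddr

# Shape reported by the commenter: FirstnameLastname + 2 digits @yahoo.com.
# Assumption: each name part is one capital followed by lowercase letters.
SENDER_RE = re.compile(r"^[A-Z][a-z]+[A-Z][a-z]+\d{2}@(?i:yahoo\.com)$")

def sender_matches(raw_message):
    """Return the From address if it fits the reported format, else None."""
    msg = message_from_string(raw_message)
    _, addr = parseaddr(msg.get("From", ""))
    return addr if SENDER_RE.match(addr) else None

def triage(raw_messages, min_distinct=3):
    """Flag a batch only when several distinct senders share the format.

    A single match is weak evidence, since real users pick such addresses
    too. The mobile signature in the body is ignored: it is sender-controlled
    text and, per the update, may have been spoofed.
    """
    hits = Counter(a for a in map(sender_matches, raw_messages) if a)
    return {
        "matching_senders": sorted(hits),
        "messages_matched": sum(hits.values()),
        "flag_batch": len(hits) >= min_distinct,
    }

# Constructed sample messages (not real spam samples or real accounts).
SAMPLE = [
    "From: A <ConstructedAlpha01@yahoo.com>\nSubject: s1\n\nbody\n",
    "From: ConstructedBravo02@yahoo.com\nSubject: s2\n\nbody\n",
    "From: C <ConstructedCharlie03@Yahoo.com>\nSubject: s3\n\nbody\n",
    "From: jane.doe@yahoo.com\nSubject: lunch\n\nbody\n",
    "From: ConstructedDelta04@example.org\nSubject: s4\n\nbody\n",
    "From: A <ConstructedAlpha01@yahoo.com>\nSubject: s5\n\nbody\n",
]

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The batch is flagged because three distinct senders share the format; the repeated sender counts once toward the threshold.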


Email spam volume drops to historically low levels

The email spam volume worldwide has dropped to the lowest in the past three years, according to the Symantec November Intelligence Report:

The biggest source of spam worldwide is still the USA with 28%, while India is at 9% and Russia at 5.7%. Overall spam has dropped to 70.5% of total email volume, down 3.7% from last October.

Some very effective ways of bringing down spammers and complete networks sending spam (called botnets) have been to make sure computer systems are better protected, or cut off from the internet until they are, and to get credit card companies and banks to stop doing business with spammers.

The trouble with spammers, however, is that they will always find other or new ways to reach an audience that will participate in their schemes. Both comment spam and especially spam on social media networks have been getting bigger in recent years: for instance, Twitter is plagued on a daily basis with spam accounts doing useless mentions with links on the platform.


Pingdom posts email spam stats insight

The people over at Pingdom have posted some insight into email spam statistics: this includes an overview of spam facts, originating geolocations of spam and the size of botnets.

Some of the stats posted include the fact that the majority of spam is in English (90%), 2/3rd is pharmaceutical spam and spam from webmail services makes up only 0.7%. Furthermore, newsletter spam is increasing too: that type of unsolicited mail is now secondary in unwanted mail.

From the botnet locations and activity below we can conclude that some of the major sources of spam from botnets are east-coast USA, Europe and India:

See the full article on Pingdom here.