Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Android Google Microsoft Security Spam Yahoo! News

Microsoft Engineer Discovers Android Spam Botnet, Google Denies Claim 152

Posted by samzenpus from the yes-you-did-no-we-didn't dept.
An anonymous reader writes "Microsoft engineer Terry Zink has discovered Android devices are being used to send spam. He has identified an international Android botnet and outlined the details on his MSDN blog. A closer look at the e-mails' header information shows all the messages come from compromised Yahoo accounts. Furthermore, they are also stamped with the 'Sent from Yahoo! Mail on Android' signature. Google has denied the allegations. 'The evidence does not support the Android botnet claim,' a Google spokesperson said in a statement. 'Our analysis suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they're using.'"
This discussion has been archived. No new comments can be posted.

Microsoft Engineer Discovers Android Spam Botnet, Google Denies Claim More

Microsoft Engineer Discovers Android Spam Botnet, Google Denies Claim

Comments Filter:

  • Why not? (Score:5, Interesting)

    by rabtech ( 223758 ) on Thursday July 05, 2012 @07:30PM (#40558513) Homepage

    This seems like a much easier way to send spam... Most users will be using the stock mail app so just install, ask for the world in privileges (most users just click yes to anything), then send spam in the background using the user's account.

    If you are smart, you avoid sending any spam to that user's contacts and intercept any replies that contain the spam text as a quoted string. That would make it far less likely for the victim to notice anytime soon.

    Even if the spam isn't coming from Android phones right now, I'm sure someone will do it eventually.

  • Fascinating conclusion he's come to. It looks like MS engineers don't understand Joe jobs.

  • Is the Message-ID incrementing? (Score:4, Interesting)

    by Anonymous Coward on Thursday July 05, 2012 @07:57PM (#40558755)

    And if so does it match the generation scheme used by Android.

    If it's a repeating "Message-ID: " as the blog suggests then it's likely forged.

  • Is it just Yahoo? (Score:5, Interesting)

    by whoever57 ( 658626 ) on Thursday July 05, 2012 @08:07PM (#40558821) Journal

    I see emails from compromised accounts. The one thing that appears to be common is that it is always from Yahoo accounts. After one of my friends had her Yahoo account compromised, I throughly scanned her PC -- nothing showed up. I scanned the hard drive while connected to a known clean PC, so it wasn't just a well hidden malware.

    I am beginning to wonder if there is a vulnerability in Yahoo's security that is being used to compromise accounts.

  • Re:A Microsoft engineer? (Score:1, Interesting)

    by Anonymous Coward on Thursday July 05, 2012 @08:08PM (#40558831)

    That was largely my thought, Android devices lack the processing power and access to bandwidth that your average laptop or desktop has. While I'm sure it's technically possible to have an Android spam botnet, it really begs the question as to why anybody would bother to develop such a thing. Considering how unreliable the connects are and how little you can transmit combined with the increased difficulty of getting the code to run, it doesn't seem like something that would be profitable enough to justify making at this point.

  • Re:Is it just Yahoo? (Score:5, Interesting)

    by whoever57 ( 658626 ) on Thursday July 05, 2012 @08:58PM (#40559137) Journal

    nothing shows up because it's not on her pc,

    Her account had to be compromised somehow. The emails were sent using her credentials. Her Yahoo mailbox was modified to delete all the saved emails and contacts, change the password and forward the email elsewhere. It was not simply someone sending email that looked like it came from her account -- it really was sent using her Yahoo account.

    She told me that she only checks her email from her PC, at home. She doesn't use open-Wifi points, she doesn't use other PCs. Unless there was some kind of malware the vaporized itself from her PC after stealing her account credentials, or [contrary to what she told me] she really did use another PC to check here email the limited evidence suggest that her account credentials were stolen by a security flaw at Yahoo.

  • Re:Is it just Yahoo? (Score:5, Interesting)

    by Billly Gates ( 198444 ) on Thursday July 05, 2012 @09:30PM (#40559295) Journal

    The answer is a Firefox exploit with an invisible iFrame. I have seen it myself and Hairyfeet noticed the same thing if you browse some porn sites with Firefox after you log in your account will randomly start spamming people.

    Basically it is an iframe rogue ad which looks identical to the yahoo email login and it uses javascript to place it over the real yahoo login from yahoo.com. Since the iframe is invisible in Firefox you have no clue and just click on it and give in the username and password.

    I wonder if Mozilla fixed this?

  • Re:Redmond Help Wanted (Score:3, Interesting)

    by Anonymous Coward on Thursday July 05, 2012 @10:48PM (#40559723)

    FWIW, I see far more frivolous lawsuits from Apple these days than from Microsoft. In fact, when was the last time we talked about a Microsoft lawsuit?

  • Comment removed (Score:5, Interesting)

    by account_deleted ( 4530225 ) on Friday July 06, 2012 @12:30AM (#40560341)
    Comment removed based on user account deletion

Slashdot Top Deals

"The four building blocks of the universe are fire, water, gravel and vinyl." -- Dave Barry

Close