Android botnet sends SMS spam through Android phones
Cloudmark says it is the first time its researchers have detected a botnet that abuses sends spam through infected Android phones.
IDG News Service - In a new twist, spammers have built a botnet that sends SMS spam through infected Android phones, shifting the potentially pricey cost of sending spam to victims.
The trend, spotted by security vendor Cloudmark, poses a new challenge for operators. Victims whose phones are sending the SMS spam often do not know their phone is infected, and they could have their account suddenly shut down by their operator if abuse is detected.
"I think they [operators] are still working out how to deal with this," said Andrew Conway, lead software engineer with Cloudmark, which makes antispam products for operators. "This is fairly new."
Cloudmark noticed that a server located in Hong Kong was hosting two Android games, "Angry Birds Star Wars" and "The Need for Speed Most Wanted," for the Android mobile operating system. Both games were infected with malware that connects the phones with rogue servers that deliver instructions for a mobile spam campaign.
When connected to the rogue command-and-control servers, the victim's phone receives a list of around 50 phone numbers along with the spammy text, Conway said. The malware on the Android device will wait a little more than one second after sending a message, then will eventually check in with the rogue server to obtain more numbers. If the phone is shut off and turned on again, the malware reboots and installs itself as a service on the phone, Cloudmark said.
In one example, the spam messages contained links to the malicious applications in hopes of infecting other users. In another example, the spam message falsely informed people they had won a gift card. But in order for the gift card to be delivered, the victim is asked to pay a shipping cost of $5.95. Conway said the scammers then collect a victim's personal details for further affiliate marketing campaigns, as well as a credit card number.
Spam via SMS (short message service) is nothing new. In the past, spammers bought SIM cards in bulk and inserted them into a SIM card bank to start a spam campaign. As the spammy numbers are shut down by operators, the SIM cards are swapped out with fresh ones.
But with that method, the spammers incurred the cost of buying SIM cards. They also had to be in the same country as victims in order to avoid international SMS sending charges.
The latest method neatly avoids both of those costs. Conway said using malware allows the scammers to conduct campaigns from anywhere in the world at no extra cost. The people whose phones are infected will incur the costs of sending the SMS messages, which could be expensive for some people with monthly SMS limits, Conway said.
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- AIIM Trendscape: The New Mobile Reality This AIIM Trendscape report shares data, expert opinions, and a unique perspective on the impact of cloud and mobility in the enterprise, surfacing...
- Empowering Your Mobile Workers A modern mobile IT strategy is no longer an option, it is an absolute necessity. Here's how some of the nation's most progressive...
- Mobile Content, Collaboration & IDC's 3rd IT Platform: The Next Frontier for the Mobile Enterprise IDC focuses this article on talks about the new IT platform. This 3rd IT Platform will be the new wave for about the...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their...
- Why do you need an enterprise mobile platform? Today companies must offer great apps that run on a range of devices, and connect to an exploding set of backend data. Appcelerator... All Mobile/Wireless White Papers | Webcasts