Android botnet sends SMS spam through Android phones
Cloudmark says it is the first time its researchers have detected a botnet that abuses sends spam through infected Android phones.
IDG News Service - In a new twist, spammers have built a botnet that sends SMS spam through infected Android phones, shifting the potentially pricey cost of sending spam to victims.
The trend, spotted by security vendor Cloudmark, poses a new challenge for operators. Victims whose phones are sending the SMS spam often do not know their phone is infected, and they could have their account suddenly shut down by their operator if abuse is detected.
"I think they [operators] are still working out how to deal with this," said Andrew Conway, lead software engineer with Cloudmark, which makes antispam products for operators. "This is fairly new."
Cloudmark noticed that a server located in Hong Kong was hosting two Android games, "Angry Birds Star Wars" and "The Need for Speed Most Wanted," for the Android mobile operating system. Both games were infected with malware that connects the phones with rogue servers that deliver instructions for a mobile spam campaign.
When connected to the rogue command-and-control servers, the victim's phone receives a list of around 50 phone numbers along with the spammy text, Conway said. The malware on the Android device will wait a little more than one second after sending a message, then will eventually check in with the rogue server to obtain more numbers. If the phone is shut off and turned on again, the malware reboots and installs itself as a service on the phone, Cloudmark said.
In one example, the spam messages contained links to the malicious applications in hopes of infecting other users. In another example, the spam message falsely informed people they had won a gift card. But in order for the gift card to be delivered, the victim is asked to pay a shipping cost of $5.95. Conway said the scammers then collect a victim's personal details for further affiliate marketing campaigns, as well as a credit card number.
Spam via SMS (short message service) is nothing new. In the past, spammers bought SIM cards in bulk and inserted them into a SIM card bank to start a spam campaign. As the spammy numbers are shut down by operators, the SIM cards are swapped out with fresh ones.
But with that method, the spammers incurred the cost of buying SIM cards. They also had to be in the same country as victims in order to avoid international SMS sending charges.
The latest method neatly avoids both of those costs. Conway said using malware allows the scammers to conduct campaigns from anywhere in the world at no extra cost. The people whose phones are infected will incur the costs of sending the SMS messages, which could be expensive for some people with monthly SMS limits, Conway said.
- Assessing ROI for Mobile Acceleration Clients This EMA® paper examines the business case for deploying mobile WAN optimization client software and builds a ROI model based on the experiences...
- The Apple-ization of the Enterprise: Understanding IT's New World Read this paper for how to tackle Apple-ization (and the related consumerization of IT and Bring Your Own Device/BYOD).
- A Practical Introduction to Enterprise Mobility Management Read the white paper to better understand the basic concepts within mobility management and to learn how you can apply EMM technology to...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Mobile Security: Containerizing Enterprise Data In this on-demand webinar, Fixmo's Lee Cocking, VP of corporate strategy, explains why Apple-ization trends like mobility and "bring-your-own-device" (BYOD) are driving the... All Mobile/Wireless White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!