Earlier this week Android users got quite a scare. Security experts said that an Android malware is creating a spam botnet. The Android malware botnet was said to have hacked into email accounts and send spam emails.
Over the past few weeks, more and more users have complained about a malware that sends spam through Yahoo free email accounts. Security experts have looked into the matter and found an Android malware at the root of the spam botnet situation.
Security experts with Sophos Ltd. And Microsoft Corp. have researched the complaints and found Android based devices were infected with a malware that gives access to Yahoo Mail. Once an account is compromised, it begins to generate spam emails from within the mail client.
Microsoft engineer Terry Zink panicked users when he wrote in a blog post that a “spammer has control of a botnet that lives on Android devices”. Tuesday Zink was explaining it was for the first time he has ever seen a spam botnet thriving in Android devices.
“These devices log in to the user’s Yahoo Mail account and send spam…The messages all come from Yahoo Mail servers” said Microsoft’s engineer. “They are all from compromised Yahoo accounts. They are sending all stock spam, the typical pump and dump variety that we’ve seen for years” reads Zink’s post.
To the end of his post, Zink concludes it’s either the users or the Yahoo Mail app at fault for the malware. “I am betting that the users of those phones downloaded some malicious Android app in order to avoid paying for a legitimate version and they got more than they bargained for” writes Zink. “Either that or they acquired a rogue Yahoo Mail app”.
But this Thursday, Terry Zink changed his point of view, saying he’s not exactly positive it’s Android that’s keeping the malware alive. “Yes, it’s entirely possible that bot on a compromised PC connected to Yahoo Mail” and used the “Yahoo Mail for Android” tagline to cover its tracks.
Before Zink had his change of mind, a Google spokesman denied any Android involvement in the spam botnet. “Our analysis so far suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they’re using” reads the company’s statement.