Initial reports earlier this week of a new Android malware botnet could now be erroneous, according to follow-up interviews with the security researchers who made the original claims.
Two Internet security researchers who
recently reported their findings of an Android botnet that pushes spam to
users' Yahoo email accounts now say they might have jumped the gun.
In an update from
The Wall Street Journal,
the two researchers aren't as sure that their original claims about the alleged
Android malware and botnet are correct.
"Chester Wisniewski, senior security
adviser at Sophos, said he
is
rechecking his findings after Google and some other security researchers
disputed findings of an Android 'botnet,' or a cluster of computers hijacked by
hackers,"
The Journal
reported in its
Digits blog. "In
an interview Thursday, Mr. Wisniewski said that the spam he identified
generated by Yahoos free Web-based email service was different than normal
patterns of email spam but 'we dont know for sure that its coming from
Android devices.'"
The other security researcher, Microsoft
engineer Terry Zink, also backtracked on his original report about the alleged
Android malware,
stating
in a follow-up post "that he also didnt know for sure that Android
devices had been compromised," according to
The Journal. Yes, its entirely possible that bot on
a compromised PC connected to Yahoo Mail' and inserted the 'Yahoo Mail for
Android' tagline at the bottom of the spam messages 'to make it look like the
spam was coming from Android devices,' he wrote."
Google, which owns and develops the Android
mobile operating system, continues to deny the researchers' claims since the
first reports were released. The evidence weve examined does not support the
Android botnet claim," the company said in a statement through a
spokesman. "Our analysis so far suggests that spammers are using infected
computers and a fake mobile signature to try to bypass anti-spam mechanisms in
the email platform theyre using. Were continuing to investigate the details.
The original reports from the two security
researchers stated that the alleged
malware
would get into a user's smartphone through a rogue app, which then used
users Yahoo free email accounts to send out spam, according to an earlier
story on
eWEEK.com. "Microsoft engineer Terry Zink said he found
spam samples coming from compromised Yahoo email accounts, but then noted that
they were being sent from Android mobile
devices."
Weve all heard the rumors, but this is the
first time I have seen ita spammer has control of a botnet that lives on
Android devices, Zink originally wrote in a
blog
post July 3. These devices log in to the users Yahoo Mail account and
send spam. ¦ The messages all come from Yahoo Mail servers. They are all from
compromised Yahoo accounts. They are sending all stock spam, the typical pump
and dump variety that weve seen for years.
Now, though, there are questions about the
validity of those initial claims in this case.
Email
Print
