Two Internet security researchers who recently reported their findings of an Android botnet that pushes spam to users' Yahoo email accounts now say they might have jumped the gun.
In an update from The Wall Street Journal, the two researchers aren't as sure that their original claims about the alleged Android malware and botnet are correct.
"Chester Wisniewski, senior security adviser at Sophos, said he is rechecking his findings after Google and some other security researchers disputed findings of an Android 'botnet,' or a cluster of computers hijacked by hackers," The Journal reported in its Digits blog. "In an interview Thursday, Mr. Wisniewski said that the spam he identified generated by Yahoos free Web-based email service was different than normal patterns of email spam but 'we dont know for sure that its coming from Android devices.'"
The other security researcher, Microsoft engineer Terry Zink, also backtracked on his original report about the alleged Android malware, stating in a follow-up post "that he also didnt know for sure that Android devices had been compromised," according to The Journal. Yes, its entirely possible that bot on a compromised PC connected to Yahoo Mail' and inserted the 'Yahoo Mail for Android' tagline at the bottom of the spam messages 'to make it look like the spam was coming from Android devices,' he wrote."
Google, which owns and develops the Android mobile operating system, continues to deny the researchers' claims since the first reports were released. The evidence weve examined does not support the Android botnet claim," the company said in a statement through a spokesman. "Our analysis so far suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform theyre using. Were continuing to investigate the details.
The original reports from the two security researchers stated that the alleged malware would get into a user's smartphone through a rogue app, which then used users Yahoo free email accounts to send out spam, according to an earlier story on eWEEK.com. "Microsoft engineer Terry Zink said he found spam samples coming from compromised Yahoo email accounts, but then noted that they were being sent from Android mobile devices."
Weve all heard the rumors, but this is the first time I have seen ita spammer has control of a botnet that lives on Android devices, Zink originally wrote in a blog post July 3. These devices log in to the users Yahoo Mail account and send spam. ¦ The messages all come from Yahoo Mail servers. They are all from compromised Yahoo accounts. They are sending all stock spam, the typical pump and dump variety that weve seen for years.
Now, though, there are questions about the validity of those initial claims in this case.