We’ve all become accustomed to the
uncomfortable fact that botnets lurk in the more unseemly corners of the
intertubes. These networks of interconnected computers are used to
carry out DDoS attacks and spend spam without the owner’s knowledge.
What may come as a surprise, is that security researchers have now
pointed the finger at Android smartphones as a new component of botnets. Is it finally time to look suspiciously at that phone in your hand?
This report comes by way of Microsoft researcher Terry Zink, who
posits that Android phones are being used to send spam from Yahoo! mail
servers. There is no way currently to know who is controlling this
supposed botnet, but the IP addresses indicate the devices are being
used in various countries around the world including Chile, Indonesia,
Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela.
Microsoft’s Windows Phone
platform is being pushed as an alternative to Android, but there is no
reason to assume that Zink is being disingenuous. Sophos Security has
reviewed the findings and agrees that it does look like a new botnet is
living on Android phones. Although, Sophos is careful to point out that
until a causative agent can be identified, there is no way of knowing
for sure.
When you think about it, smartphones are a perfect vector for
botnets. They are on virtually all the time, have a constant internet
connection, and people have not yet become wary of installing
potentially malicious apps on their phones. Google has had some malware
scares in the past in the official Play Store, but the location of this
outbreak makes infiltration of that repository unlikely. Google’s
response to the report was to tout its Bouncer anti-malware system,
which has had success in seeding out scams and malware.
Source: http://www.geek.com
0 comments:
Post a Comment