Android Users Hit With Spam Botnet Virus 'SpamSoldier'
By Yannick LeJacq | December 20, 2012 6:32 AM EST
If you own an Android smartphone, you might want to think twice before clicking on the link in that text message you received recently asking if you’d like to download a free version of “Grand Theft Auto 3” or “Need For Speed: Most Wanted.” Independent reports from two network security firms have discovered a new spam-forwarding botnet known as SpamSoldier that is infecting Android smartphones. And the infection could be spreading fast across the U.S.
In a report released last Sunday, network security firm Cloudmark identified a number of malicious mobile apps that were infecting Android smartphones after being downloaded from a server based in Hong Kong instead of Google’s (Nasdaq: GOOG) own app store, Google Play.
The apps are delivered through a text message that prompt users to download popular games like “Angry Birds” or “Max Payne 3” for free just by clicking on an embedded link.
Users still have to follow a few more steps to actually download the malicious software, of course. But Android owners not accustomed to reading all the fine print attached to a mobile app may not notice anything out of the ordinary.
“You have to grant permission to the app to do all sorts of things that no Angry Bird should ever need to do, like surfing the web and sending SMS messages,” Cloudmark said.
Once that permission is granted, however, the virus “gets right to work,” mobile security firm Lookout said in its report this week.
The Trojan app removes its icon, and may even install a version of the game in question to keep the user unaware as it begins to connect to a Command & Control (C&C) server a receive a new spam message along with a list of 100 more U.S. smartphone contacts to spam.
“You better have an unlimited message plan or your phone bill may come as a bit of a shock,” Cloudmark's report continued.
If Android user app is installed the icon vanishes from the home screen then contacts a remote server to receive a list of target numbers so that it can begin dispensing spam messages via the infected phone.
Lookout noted that SpamSoldier is specifically designed to conceal its tracks by hiding or removing any sign of “malicious activity.” The app intercepts any incoming replies to its spammed text message and conceals outgoing messages from the smartphone owner, leaving him or her unaware of their own complicity in the virus’s spread.
“Compared with PC botnets this was an unsophisticated attack,” Cloudmark said. “However, this sort of attack changes the economics of SMS spam, as the spammer no longer has to pay for the messages that are sent if he can use a botnet to cover his costs.”
“Now that we know it can be done, we can expect to see more and more complex attacks that are harder to take down.”
Both reports caution Android users against opening unexpected messages or respond to offer free versions of apps outside of Google Play.
To contact the editor, e-mail:
Join the Conversation
- Black Friday 2014 Sale: Top Deals On Game Consoles Xbox One, PS4, Nintendo Wii U And More
- Walmart Pre-Black Friday 2014 Sale On Nov. 21, 2014 Includes Discounts On The 'NBA 2K15' For PS4 And The 'Skylanders Trap Team’ Starter Kit [WATCH VIDEO]
- More Bad News for Android 5.0 Lollipop As Problems Come In for Nexus and Other Devices
- BlackBerry Classic (aka Q20) Keyboard Shortcuts Explained In A Quick Video
- US To Supply Defensive Lethal Weapons To Kiev – A Vey Alarming Signal, Says Russia
- Amazon Black Friday 2014 Deals Start On Nov. 21, 2014 Including Limited-Time Lightning Deals And Deals Of The Day On Clothes, Toys, Jewelry, Watches, Bags, Accessories And Electronics
- Travel Alert: New Delta Air Lines Airbuses Could Be Seen In Australia Soon