Google disputes Android botnet spam claim

Android robot, Getty Google has said the spam only looks like it is coming from Android phones

Related Stories

Google has disputed claims that many Android phones have been infected with a virus that makes them churn out spam.

On 4 July, Microsoft researcher Terry Zink claimed to have discovered evidence of Android phones being enrolled into a botnet.

Botnets typically use infected PCs as spam generators but Mr Zink said he found evidence that Android smartphones were being used in the same way.

In a statement, Google said there was no evidence to support Mr Zink's claim.

The search giant's investigation suggested the junk messages originated on PCs but the spammers sending them formatted them to look like they came from Android smartphones.

"Our analysis suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they're using," said Google.

By taking this step, said Google, the junk mail would have a better chance of defeating spam filters and ensure that messages reached inboxes.

If the spam were coming from a botnet made up of Android phones, it would be the first ever.

Mobile security specialist Lookout also questioned Mr Zink's initial claim. In a blogpost, head of the firm Kevin Mahaffey said it was possible that the spam was originating from lots of Android phones infected with a malicious program.

However, he said, Lookout's investigation had also uncovered some serious issues with the Yahoo mail app for Android that suggested it was a risk for all users of it. Lookout had told Yahoo about the problems which were now being worked on.

Address origin

In a follow-up to his original post, Mr Zink agreed that it was not proven that Android phones had been compromised.

He added that it was "entirely possible" that the spammers had faked the message formatting to make it look like it originated on a phone.

However, he added, there was no doubt that the number of malicious programs written for Android was on the increase. Given that he said: "The reason these messages appear to come from Android devices is because they did come from Android devices."

Chester Wisniewski, senior security advisor at Sophos, also posted more information about the case. He said that although Sophos did not have a sample of the malware sending the spam in question there was evidence to suggest it came from smartphones.

Sophos could find no hint that the formatting on the messages was faked, he said, and some elements of what it had seen would be impossible to spoof.

In addition, he said, much of the spam was coming from net addresses owned by mobile operators.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.