Attack Turns Android Devices Into Spam-Spewing Botnets

  /     /     /  
Publicated : 22/11/2024   Category : security


Attack Turns Android Devices Into Spam-Spewing Botnets


Beware Trojan app sending 500,000 spam SMS messages per day, charging messages to smartphone owners.



From an attackers perspective, malware doesnt need to be elegant or sophisticated; it just needs to work.
Thats the ethos behind a recent spate of Trojan applications designed to infect smartphones and tablets that run the
Android operating system
, and turn the devices into spam-SMS-spewing botnets.
By last week, the malware was being used to send more than 500,000 texts per day. Perhaps appropriately, links to the malware are also being distributed via spam SMS messages that offer downloads of popular Android games--such as Angry Birds Star Wars, Need for Speed: Most Wanted, and Grand Theft Auto: Vice City--for free.
[ Anonymous hacks Westboro Baptist Church in aftermath of Connecticut school shooting. Read more at
Anonymous Posts Westboro Members Personal Information
. ]
Despite the apparent holiday spirit behind the messages, however, its just a scam. If you do download this spamvertised application and install it on your Android handset, you may be unknowingly loading a malicious software application on your phone which will induct your handset into a simple
botnet
, one that leverages the resources of your mobile phone for the benefit of the malwares author, according to an
overview of the malware
written by Cloudmark lead software engineer Andrew Conway.
The malware in question uses infected phones to silently send out thousands of spam SMS messages without your permission to lists of victim phone numbers that the malware automatically downloads from a command and control server, said Conway. Of course, the smartphone owner gets to pay any associated SMS-sending costs.
An earlier version of the malware was discovered in October, disguised as anti-SMS spam software, but it remained downloadable for only a day. Apparently using SMS spam to promote a bogus SMS spam blocking service was not an easy sell, said Conway. Subsequently, the malware was repackaged as free versions of popular games, and the malwares creator now appears to be
monetizing the Trojan
by sending
gift card spam
of the following ilk: You have just won a $1000 Target Gift Card but only the 1st 777 people that enter code 777 at [redacted website name] can claim it!
As with the majority of Android malware, the malicious apps can be downloaded not from the official Google Play application store, but rather from
third-party download sites
, in this case largely based in Hong Kong. In general, security experts recommend that Android users
stick to Google Play
and avoid third-party sites advertising supposedly free versions of popular paid apps, since many of those sites appear to be little more than fakeware distribution farms. But since Android users are blocked from reaching Google Play in some countries, including China, third-party app stores are their only option.
After installing the malware and before it takes hold, a user must first
grant the app numerous permissions
-- such as allowing it to send SMS messages and access websites. Only then it can successfully transform the mobile device into a spam relay. Of course, people in search of free versions of paid apps may agree to such requests. Furthermore, not many people read the fine print when installing Android applications, said Conway.
If a user does grant the malware the requested permissions, it will transform their Android device into node, or zombie, for the malware creators botnet. At that point, the malware immediately phones home to a command-and-control server via HTTP to receive further instructions. Typically a message and a list of 50 numbers are returned, said Conway. The zombie waits 1.3 seconds after sending each message, and checks with the C&C server every 65 seconds for more numbers.
Again, the Android malware used to build the accompanying SMS-spewing botnet isnt sophisticated, but it does appear to be earning its creator money. Compared with PC botnets this was an unsophisticated attack, said Conway. However, this sort of attack changes the economics of SMS spam, as the spammer no longer has to pay for the messages that are sent if he can use a botnet to cover his costs. Now that we know it can be done, we can expect to see more complex attacks that are harder to take down.
Your employees are a critical part of your security program, particularly when it comes to the endpoint. Whether its a PC, smartphone or tablet, your end users are on the front lines of phishing attempts and malware attacks. Read our
Security: Get Users To Care
report to find out how to keep your company safe. (Free registration required.)

Last News

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security

▸ DHS-funded SWAMP scans code for bugs. ◂
Discovered: 23/12/2024
Category: security

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Attack Turns Android Devices Into Spam-Spewing Botnets