Take our FREE 30-Day Trial with no obligation required.

Experience for yourself why MaaS360 is a leader in MDM Solutions.


Fill out your information below to start.

Your email and personal information are confidential, and will not be sold or rented. See our Privacy Policy for more information.

Click here to hide

MaaS360 by Fiberlink

Android not responsible for botnet, experts say

Computer-based malware may have been attempting to hurt the reputation of Android security.


Android not responsible for botnet, experts say

android, malware, security

According to a recent blog post by Terry Zink, Program Manager for Microsoft Forefront Online Security, computer-based malware may have been targeting Android device security. Early claims of an Android-based botnet started circulating throughout the media, leading many to believe Android devices were being used to send spam. However, the issue might not be as clear as it was originally presented.

"All of these messages are sent from Android devices," Zink wrote. "We’ve all heard the rumors, but this is the first time I have seen it - a spammer has control of a botnet that lives on Android devices. These devices login to the user’s Yahoo Mail account and send spam."

Zink originally believed the source to be a malicious Android app, noting that lax application security practices could lead to the spread of app-based malware. He also noted that users are far less likely to download malicious software if they use the Android app store.

Android security: Still in good shape

According to Zink, a botnet has never compromised the security of an Android device. Had this occurred, it would have made mobile device security headlines.

Google has denied the claim that the spam originated from its mobile devices. "The evidence we’ve examined does not support the Android botnet claim," said a Google spokesperson. "Our analysis so far suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they’re using. We’re continuing to investigate the details."

According to a recent Wall Street Journal blog post, several security experts admitted the possibility that the Android signatures could have been spoofed, making it seem like the spam came from Android. The post provided insight from Alex Stamos, CTO of web-security firm Artemis Internet, who explained that it's unlikely spammers were targeting mobile networks. Spammers prefer to use methods that allow them to rapidly change Internet Protocol addresses, which is not something that is easy to accomplish on mobile networks.

Android popularity growth raises security concerns

Businesses should take measures to secure Android devices connecting to their corporate networks. A Computerworld article highlighted the growing popularity of Android, with more than 900,000 new devices being activated every day. Android adoption is expected to continue and the smartphone OS is expected to reach a 61 percent market share by the end of 2012.

The increasing popularity of Android also means businesses will need security support for the device. As platforms become more popular with users, they can become a target for malware developers hoping to take advantage of a large population of potential victims.

Recommended Articles for You

Post a Comment

No one has commented on this page yet.

RSS feed for comments on this page | RSS feed for all comments

Industry News
TRUSTe European Safe Harbor certification TruSaaS
© Fiberlink Communications Corp. All rights reserved. Privacy Policy
All brands and their products, featured or referred to within this site, are trademarks or registered trademarks of their respective holders and should be noted as such.