IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Google refutes Microsoft's Android malware claims

Search giant and security experts have dismissd claims that hijacked Android phones have sent out malware.

Virus alert

Google has denied Microsoft claims that its Android operating system has been compromised by malware, resulting in phones being corralled into a botnet by hackers.

Earlier in the week, Microsoft engineer Terry Zink claimed compromised Android devices were part of an international botnet used to push out spam.

In a statement released today, Google said it had found no evidence to support Zink's claims.

"Our analysis suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they're using," said a Google spokesman.

An investigation by the search giant suggested junk emails originated on PCs but spammers formatted them to look like they were sent from Android smartphones.

It said the method was used to give the messages a better chance of defeating spam filters.

Other security researchers had backed Zink's view, before backtracking later.

"So one of two things is happening here. We either have a new PC botnet that is exploiting Yahoo's Android APIs or we have mobile phones with some sort of malware that uses the Yahoo APIs for sending spam messages," said Chester Wisniewski of security software vendor Sophos.

He added that one of the interesting data points supporting the argument that this is new Android malware is the unusually large number of originating IPs on mobile networks.

Mobile security company Lookout also cast doubt on Zink's claim. The firm's CTO and co-founder, Kevin Mahaffey, said insecure Android applications were most likely to blame.

"In order for the botnet explanation to be valid, each of the originating devices would have to be infected with mobile malware," he said.

"While this is certainly a possibility (and one that we can't refute), there is another explanation that we believe is significantly more likely," he said.

Regardless of how this spam campaign works, it was clear from initial reports that the Yahoo Mail Android app may play a key role, he added.

"After taking a detailed look at the app, we've found a number of issues that have potentially broader implications for all Android users of Yahoo Mail," he said.

Mahaffey confirmed he had been in contact with Yahoo about vulnerabilities in the app and said the search firm's mobile team was "actively working on these issues."

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Google urges Apple to embrace RCS as standard, ditch SMS for Android texts
Mobile

Google urges Apple to embrace RCS as standard, ditch SMS for Android texts

10 Aug 2022
Google and SkyWater partner on open source chip design platform
Hardware

Google and SkyWater partner on open source chip design platform

29 Jul 2022
Google reveals new office in Atlanta and $1 million in funding for local communities
Careers & training

Google reveals new office in Atlanta and $1 million in funding for local communities

28 Jul 2022
Hackers hiding malicious links in top Google search results, researchers warn
malware

Hackers hiding malicious links in top Google search results, researchers warn

21 Jul 2022

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Microsoft successfully tests emission-free hydrogen fuel cell system for data centres
data centres

Microsoft successfully tests emission-free hydrogen fuel cell system for data centres

29 Jul 2022