Microsoft Security Firm Backtracks On Android Malware Claim as Google Calls them Out

This is a discussion on Microsoft Security Firm Backtracks On Android Malware Claim as Google Calls them Out within the Android News forums, part of the Android.net category; Last week, Microsoft's Frontline online security company claimed that they found evidence of a botnet spammer security hole on Android devices. They pointed out that ...

Results 1 to 3 of 3

Thread: Microsoft Security Firm Backtracks On Android Malware Claim as Google Calls them Out

  1. #1
    Editor in Chief dgstorm's Avatar
    Join Date
    Dec 2010
    Posts
    4,720
    Thanked
    711 times

    Microsoft Security Firm Backtracks On Android Malware Claim as Google Calls them Out


    Last week, Microsoft's Frontline online security company claimed that they found evidence of a botnet spammer security hole on Android devices. They pointed out that there was a spam operation using Yahoo!'s webmail service and claimed that it was coming from an Android device. The spam was using the message ID 1341147286.19774.androidMobile@web14...f1. yahoo.com and includes the line "Sent from Yahoo! Mail on Android." Terry Zink, program manager for Microsoft Forefront online security said, "All of these message are sent from Android devices," he said. "We’ve all heard the rumors, but this is the first time I have seen it – a spammer has control of a botnet that lives on Android devices. These devices login to the user's Yahoo Mail account and send spam."

    Google called Microsoft out on this one. They said, "The evidence we’ve examined does not support the Android botnet claim. Our analysis so far suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they’re using. We’re continuing to investigate the details.”

    Since then, Microsoft and other security companies that jumped on this bandwagon backtracked from their initial statements. Here's a quote with a few more details,

    Chester Wisniewski, senior security adviser at Sophos, said he is rechecking his findings after Google and some other security researchers disputed findings of an Android “botnet,” or a cluster of computers hijacked by hackers.

    In an interview Thursday, Mr. Wisniewski said that the spam he identified generated by Yahoo’s free Web-based email service was different than normal patterns of email spam but “we don’t know for sure that it’s coming from Android devices.”

    On Thursday, Mr. Zink stated in a follow-up post that he also didn’t know for sure that Android devices had been compromised. “Yes, it’s entirely possible that bot on a compromised PC connected to Yahoo Mail” and insert the “Yahoo Mail for Android” tagline at the bottom of the spam messages “to make it look like the spam was coming from Android devices,” he wrote.
    So, basically some security firms sponsored by Microsoft pounced on an opportunity to slam Android when they jumped to a conclusion without investigating the facts first. In fact, it was really poor logic on their part to begin with. Here's another quote from a separate security company backing up Google's assertion,

    Alex Stamos, chief technology officer of Web-security firm Artemis Internet, said he’d never seen spam from a mobile app and said it “makes no sense” to do so for several reasons, including that “spammers like” to use devices that that “allow them to send messages quickly” and they like the ability to change the Internet Protocol address–the label assigned to a computer logged on to the Internet—“which is very hard [to do] on a mobile network.”

    Mr. Stamos added: “If Google says that this spam was using a faked signature, then I think that’s likely.”
    Hmmm... it seems like Microsoft was trying to raise a ruckus over nothing. Share your thoughts.

    Thanks for the tip, furbearingmammal!

    Source: TheRegister and Wall Street Journal

  2. Android.net is the premier Android Forum. Registered users do not see these ads. .

  3. #2
    Android Lurker pvoid's Avatar
    Join Date
    Dec 2012
    Posts
    7
    Tons of backdoors on all platforms & os'
    My balls itch so what, micro flop just wants attention
    Soon their gonna probly blame 9-11 on android
    And their easy bake oven aka Xbox 360 comited suicide
    Till ppl found ps3 rocks too and burnout in a week
    Skew microflop!

  4. #3
    Android Lurker pvoid's Avatar
    Join Date
    Dec 2012
    Posts
    7
    Also they see droid os is a major threat to their security and to competitive
    So its getting down talked sometime bad news is good news

Remove Ads

http://www.scramblerducati.org/

Sponsored Links

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Similar Threads

  1. Replies: 0
    Last Post: 04-17-2012, 12:42 PM
  2. Replies: 0
    Last Post: 12-14-2011, 02:29 PM
  3. Replies: 1
    Last Post: 09-06-2011, 10:09 AM
  4. Replies: 0
    Last Post: 08-02-2011, 12:09 PM
  5. Google Pulls 21 Apps In Android Malware Scare
    By allyAndroid in forum LG Ally Apps
    Replies: 5
    Last Post: 03-09-2011, 09:37 PM
Android Forum