Security experts have pointed out that malware which is downloaded through apps taken from third-party sites is responsible for sending out spam emails from the Yahoo accounts of the users of Android, resulting in a rise in instances of attack on Google’s operating systems for phones.
The malware, developed by spammers, creates a botnet from phone devices running on Android. It is usually downloaded into the phone through a rogue application, sending out spam from countries like Lebanon, Indonesia, Russia, Oman, Chile, Saudi Arabia, the Philippines, Ukraine, Venezuela and Thailand, after gaining access to the free Yahoo accounts of the user, as found out by Terry Zink, an engineer at Microsoft. On his blog, Zink has stated that there is a chance of a spammer being in control of a botnet on devices running on Android. The malware was possibly downloaded on Android devices by users who downloaded apps from websites on the Internet in order to avoid paying for them, as against downloading them from Google’s Play store. A rogue Yahoo Mail app can also be responsible for the malware. However, there’s also a possibility that spammers must have used a PC to send spam through Yahoo’s Android API and slip in a ‘sent from Android’ signature to trick spam filters at Yahoo.
Though Android has more malware as compared to other platforms in the smartphone market, the chances of downloading malware are less if apps are bought through Android’s market. The fact that the spam is coming from only specific countries proves that unlike users in the developed world, users from developing countries are less likely to practice security measures, leading to such problems, as pointed out by Zink. Security advisors agree that instead of opting to download Trojanized pirated copies of Android apps from sources that are unofficial, Android users should be cautious and download apps for their phones from Google or Amazon after checking reviews as the chances of downloading malware are then cut down drastically. They could also try upgrading their OS. Google, in their attempt to keep malware away, has developed the Bouncer program which scans apps available on Google’s Play store for malware.
On account of the increasing number of devices running on Android, security experts predict an increase in malware that could be written for such devices. Out of malware samples targeting mobile platforms, 46.7 percent of it was accounted for by Android malware in 2011.