SpamSoldier SMS spamming botnet found targeting Android devices

December 17, 2012

    Android Malware, Viruses, and Malicious Apps

    We continue to talk about Android malware today – after seeing not one, but two reports in recent days detailing malware expectations in the mobile worlds for 2013, but also after hearing about the Samsung Exynos exploit that could make things easier for malicious apps.

    This time around we’re looking at an article posted on the blog of security firm Lookout about a newly discovered SMS spamming botnet. Called SpamSoldier, the spammer botnet “uses infected phones to send a barrage of SMS spam messages without the user’s consent.” Here are some text examples:

    • “You’ve just won a $1000 Target gift card but only the 1st 1000 people that enter code 7777 at hxxp://holyoffers.com can claim it!”
    • “Download Grand Theft Auto 3 & Need for Speed Most Wanted for Android phones for free at hxxp://trendingoffers.com for next 24hrs only!”

    As you can see, Android users are also targeted by the botnet, which itself is spreading via such SMS messages. Thinking they get deals on certain apps, users click on links provided in such messages at which point the malicious apps installs itself on the smartphone, deletes it tracks and starts, well, doing its job: sending SMS messages.

    Once installed, the app spams 100 U.S. phone numbers at a time. When it’s done with each batch it reloads with another fresh set. Meanwhile users don’t know what’s happening as the app deletes outgoing messages and intercepts any SMS replies to the messages it sends.

    So far, the impact is seen as “limited,” but while detections “remain low,” Lookout has observed “instances on all major U.S. carriers.” Obviously, Lookout says its own app detects the threat, both the Free and Premium versions.

    Has anyone been affected by such a malicious app? How did you discover it?

    Source

    Comments

    • Dale

      I got a sms that I entered a contest. Called Bestbuycontest.com which I never did entered. lol

      • Ed Baker

        Got that one on black Friday as did my wife. Both on our old non-android flip phones. Didn’t even know those ones had text services. Since we don’t use text or Web with those phones and almost no one has the numbers, we believe they were targeting blocks of cell numbers.
        Best buy give something away for free? Yeah right!

        • Jared Persinger

          I got the same one but I immediatly knew it was mallicous

    • Nathan Sann

      Yeah I received a Bestbuycontest.in text. I opened it in a javascript blocking browser. Realized it was pretty darn fishy. Glad I didn’t open it on my phone, as it seemed very odd. Plus I received 2 at the same time. Should I text those people back and let them know their phone has been hacked? (Or I am sure they know by now, considering…

    • RarestName

      Sounds dangerous.

    • Justin W

      I’ve been on the receiving end of multiple of these texts. It’s unfortunate, but it happens. Obviously, replying “Stop” doesn’t do squat like other normal spam sms-type services.

    • http://jechosan.page.tl/ Rigel Brock

      The Android from Google is among one of the best and extremely in need solution at present. Along with the entry of a number of smart products.

      • QwietStorm

        What

    • Jared Persinger

      These people that makes this kind of stuff are very smart, so why waste it on ruining peoples electronics?

    Popular

    Latest