Researchers are defending their claims that a botnet is using infected Android mobile phones to send spam from compromised Yahoo Mail accounts.
Last week, researchers from Microsoft and Sophos claimed that they had uncovered a botnet involving Android mobile phones and comproised Yahoo Email accounts.
On Tuesday, Microsoft’s Terry Zink blogged that he had seen spam coming from compromised Yahoo Email accounts with a Message ID indicating that it was sent from Android devices. “We’ve all heard the rumors, but this is the first time I have seen it — a spammer has control of a botnet that lives on Android devices”, he wrote.
On Wednesday, Chester Wisniewski noted that SophosLabs had uncovered a spam campaign that appeared “to originate from compromised Google Android smartphones or tablets. All of the samples at SophosLabs have been sent through Yahoo!'s free mail service and contain correct headers and DKIM signatures.”
But Google vehemently disputed the researchers’ claims. “The evidence we’ve examined does not support the Android botnet claim. Our analysis so far suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they’re using. We’re continuing to investigate the details”, the company said in a statement obtained by the Wall Street Journal.
source: Info Security