Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Engineer Discovers Android Spam Botnet, Google Denies Claim

Posted by samzenpus on from the yes-you-did-no-we-didn't dept.

An anonymous reader writes "Microsoft engineer Terry Zink has discovered Android devices are being used to send spam. He has identified an international Android botnet and outlined the details on his MSDN blog. A closer look at the e-mails' header information shows all the messages come from compromised Yahoo accounts. Furthermore, they are also stamped with the 'Sent from Yahoo! Mail on Android' signature. Google has denied the allegations. 'The evidence does not support the Android botnet claim,' a Google spokesperson said in a statement. 'Our analysis suggests that spammers are using infected computers and a fake mobile signature to try to bypass anti-spam mechanisms in the email platform they're using.'"

13 of 152 comments (clear)

  1. Just link to the ACTUAL blog entry by Anonymous Coward · · Score: 5, Insightful

    Would it kill you to link to MSDN - where the blog entry actually resides? I get the anti-MS sentiment (although jeez, quit living in the 90s), but making readers jump to ZDNet first (or sending them back to /.) is just being passive aggressive.

    1. Re:Just link to the ACTUAL blog entry by Taco+Cowboy · · Score: 3, Insightful

      Fascinating conclusion he's come to. It looks like MS engineers don't understand Joe jobs.

      Under normal circumstances, MS does not hire idiots (with exception of Ballmer, of course)

      So ... this looks more like that MS engineer trying to make a name for himself
       

      --
      Muchas Gracias, Señor Edward Snowden !
    2. Re:Just link to the ACTUAL blog entry by Tough+Love · · Score: 3, Insightful

      I get the anti-MS sentiment (although jeez, quit living in the 90s)

      Microsoft remains as evil as it ever was, two decades later. Anti-MS sentiment is not only richly deserved, but prudent.

      --
      When all you have is a hammer, every problem starts to look like a thumb.
    3. Re:Just link to the ACTUAL blog entry by Unoriginal_Nickname · · Score: 5, Insightful

      Microsoft is evil in the same way that suicide is a sin. We're talking about a company that's only relevant on one doomed platform, choking to death on too many brands and too many failed attempts to enter other markets. Unix is everywhere. Unix beat Microsoft a long time ago.

      Stop poisoning the discourse by giving Microsoft such a disproportionate share of the hate. Adobe's just as bad, and Oracle's a lot worse. Why don't you rail against them? Why don't we talk about how, once Windows is gone, our only practical choice will be between a walled garden or an operating system that's philosophically dominated by the toxic, vapid musings of a man who literally believes that it is better to let your children starve to death than ply your trade as a software developer?

  2. Re:A Microsoft engineer? by ackthpt · · Score: 3, Insightful

    and he doesn't realise that any program on any computer on the internet could pretend to be on android? I don't know much about mail but I would guess the"'Sent from Yahoo! Mail on Android' signature" would have been set by the client

    Engineer perhaps doesn't mean so much at Microsoft.

    Posted from my AndBot

    --

    A feeling of having made the same mistake before: Deja Foobar
  3. Avoiding lawsuits by gmuslera · · Score: 3, Insightful
    Microsoft was a monopoly in botnets, better to claim that are others somewhere else, even if they have to build it themselves.

    Anyway, a botnet uses a standard mail client to send its payload? Even thinking that is a bad signal about them.

  4. It Shouldn't Be Too Hard To Verify by NotSanguine · · Score: 4, Insightful

    Or to disprove the claim if we can look at the mail headers. Especially if we have multiple samples.

    The claim, on its face, is plausible. However if you're a spammer, you want to send out as many emails as quickly as you can. Sending emails via a wireless device (either WiFi or cellular) seems like wasted effort when there are so many cable/dsl/fiber connected PCs (running whatever OS, but usually Windows) out there that can send many more spam emails in the same amount of time -- Usually without alerting non-technical users who don't review their router/firewall logs often, if ever.

    All that said, I suppose it's possible. It just seems a little strange that this should come out of Microsoft -- especially since there are many very technical people out there who are rolling their own Android -- you'd think they'd have found it first.

    --
    No, no, you're not thinking; you're just being logical. --Niels Bohr
  5. Re:Go Microsoft by Anonymous Coward · · Score: 2, Insightful

    And if anyone knows how to create scenarios to ensure that Google doesn't look bad, it will be Slashdot.

  6. Doesn't realise? Or... by DragonWriter · · Score: 4, Insightful

    A Microsoft engineer? and he doesn't realise that any program on any computer on the internet could pretend to be on android?

    Well, either "doesn't realise" or "has a vested interest leading him to first fail to mention and, after that, downplay the possibility". Which is more likely is left as an exercise to the reader.

  7. Re:Go Microsoft by thatseattleguy · · Score: 5, Insightful

    And if anyone knows how to take what should be a simple, straightforward, technical discussion and turn it into a MS vs Google flame war, it will be Slashdot commenters.

  8. Re:Is it just Yahoo? by kesuki · · Score: 4, Insightful

    nothing shows up because it's not on her pc, i've had spam coming from a former online friend, and more recently spam claiming to come from my own yahoo address.it turns out if you manually set the x-apparently-from yahoo will show that as the sender. yahoo explains it better here http://answers.yahoo.com/question/index?qid=20100725063846AAoDV1T

    --
    https://www.gnu.org/philosophy/free-sw.html
  9. Re:Why not? by CoderJoe · · Score: 3, Insightful

    Now try again, without requiring flashing a custom OS version or root. The average user is not going to do any of that.

  10. Re:A Microsoft engineer? by Anonymous Coward · · Score: 1, Insightful

    And you are a blathering idiot if you actually believe MS engineers are not some of the best software engineers in the world. You can go after MS for a whole host of shit but their engineers in their development and R&D entities are hardly stupid. The competition to recruit these people is intense and constant. Google in particular are constantly on the prow to snag engineers of this caliber. The vast majority of MS security and other issues can be placed at the feet of incompetent application developers, inattentive users, poor system administrators, and 3rd party hardware driver developers. Plus the fact that there is not a single OS that is invulnerable. Not a single one.