There has been a lot of talk this week about Android possibly being the source of a bunch of spam thanks to an Android malware botnet. The finger was pointed at Android by both Sophos and Microsoft earlier in the week after e-mail header information pointed a finger at Google’s Android operating system. However, both Sophos and Microsoft have said that Android being involved in the botnet isn’t confirmed.
Microsoft isn’t letting Android completely off the hook, one of its engineers named Terry Zink has written that it is plausible that a bot on a compromised computer could have inserted a message ID pointing at Yahoo Mail for Android rather than the e-mails actually coming from an Android device. However, Zink also notes that it is quite possible that Android malware is the source of the spam with the significantly increased occurrence of Android malware we’ve been seeing.
Sophos’ Chester Wisniewski also noted that he is rechecking the company’s findings to see if it’s possible that a fake signature could have erroneously pointed a finger at Android. Google for its part continues to say that its own evidence gathering does not support the Android botnet claim. A company spokesperson for Google says that so far its analysis suggests spammers are using infected computers with faked mobile signatures. Investigations into the botnet continue.