updated 12:36 pm EST, Tue December 18, 2012
SpamSoldier sends out thousands of SMS messages
Security firm Lookout this month discovered another spam botnet on the Android platform that uses infected phones to send out thousands of SMS messages without user permission. The new botnet, dubbed SpamSoldier, is not widespread, but it uses the promise of gift cards and other free offers to propagate itself through SMS. Lookout identified the malware with the help of one of its carrier partners.
SpamSoldier relies heavily on SMS messages advertising free versions of popular games such as Need for Speed or Angry Birds Space. When a user clicks an infected link, their phone downloads an application claiming to install the game. The downloaded app instead installs and hides a copy of SpamSoldier, which immediately begins sending out more fraudulent SMS messages to lure in more users.
According to Lookout, the malware is still limited in its impact. Overall detections remain low, but the potential remains for the malware to spread if users are not careful. Lookout recommends that users only download apps from reputable app stores and protect their devices with a mobile security app as well.