July 5, 2012 - 14:27 AMT
PanARMENIAN.Net - Security firm Sophos has discovered Android malware that generates money for cyber criminals by running as a spam botnet, The Inquirer reports.
The malware, which is thought to come from downloading pirated programs from unofficial app stores, takes advantage of compromised devices by sending adverts for dodgy pills such as discounted Viagra and diet tablets, worthless penny stocks and dubious electronic greeting cards.
"The messages appear to originate from compromised Google Android smartphones or tablets," said senior security advisor at Sophos Canada, Chester Wisniewski in a blog post. "You can imagine the cellular phone bill you might receive if your phone is being used to download and spam out thousands of these messages."
Sophos analysed samples of the malware that originated in Argentina, Ukraine, Pakistan, Jordan and Russia. It found that texts such as "Now offering medications for Weight Loss, Diabetics, Pain Reduction!" and "Viagra+Cialis Super Active, Alprazolam, Vicodin etc...Pick up you're meds for 75 per cent off today" were being used in the ads.
Other samples employ images and animated gif files to promote discounted pharmacy products, preying on those too embarrassed to go to doctors.
Wisniewski advised that users should stick to official app stores such as Google and Amazon for downloading apps and programs for their smartphones and tablets.
"It is likely that Android users are downloading Trojanised pirated copies of paid Android applications," he said. "The widespread nature of source devices is unusual as most Android malware is not downloaded from Google Play, but localised 'off market' download sites."
The discovery comes only a day after Trend Micro said mobile malware quadrupled between the first and second quarters this year, adding fears that security threats facing Android devices are increasing.