backtop


Print

Google says it's just as likely spam was spoofed and came from Windows PCs

Microsoft Corp. (MSFT) spam researcher Terry Zink played provocateur when he published a blog indicating he had discovering a thriving Android botnet, which appeared to be driven by app piracy in the developing world.  The evidence he presented was a series of emails with distinctive signatures -- both email header information, and the text signature in the body -- indicating they had originating on an Android device.

Google Inc. (GOOG) has responded by pointing the finger back at Microsoft, suggesting that the headers and signature were likely spoofed to look as if they came from Android.   Comments Google, "The evidence does not support the Android botnet claim.  Our analysis suggests that spammers are using infected computers and a fake mobile signature to bypass anti-spam mechanisms in the email platform they're using."

Android has relatively robust anti-spam guards, so even if the device was infected with malware, Google says it would be difficult to exploit it for spamming purposes.

Spoofing
Spoofing is a time honored technique used by hackers to obfuscate IP requests, email headers, and phone numbers. [Image Soource: PC1 News]

As the text signature implicated Yahoo! Mail, the post also raised awkward questions for that company.  Yahoo! Inc. (YHOO) says that it is investigating the report to see if its email client is being abused.  As with the Android aspect, it's again possible that the header and body were merely spoofed to look like they came from the Yahoo! Mail client on Android, typically a relatively trustworthy source.

Header spoofing is a common, technique used by computer criminals.  As an email's header information and text are easily manipulated (or "engineered" in hacker terms), malicious user can change messages' headers to serve the dual purpose of disguising their true origin and to build trust by making it look as if it originated from a legitimate source.

Terry Zink, the researcher who published the original report, has since backtracked in the comments section of his post, acknowledging that spoofing was a possibility, but commenting that it merely seemed more likely that an Android botnet was causing the spam onslaught.  He did not, however, provide any additional evidence of how he came to that conclusion.

Source: The Register





"The Space Elevator will be built about 50 years after everyone stops laughing" -- Sir Arthur C. Clarke



Latest Headlines
How Apple watch Series 2 differ from the S1
February 18, 2017, 5:37 AM
Chuwi LapBook
February 6, 2017, 6:49 AM
LG Watch Style
February 5, 2017, 8:00 AM
New iMac and Release Date
February 4, 2017, 9:30 AM



Most Popular ArticlesHow Apple watch Series 2 differ from the S1
February 18, 2017, 5:37 AM
AMD Offers
February 17, 2017, 6:01 AM
Samsung Notebook 9 vs Acer Aspire S 13
February 17, 2017, 7:23 AM
Seagate FireCuda – 2TB of Fast Gaming Solid State Hybrid Drive Storage
February 6, 2017, 8:24 AM
Comparison: NuVision vs Kindle Fire HD
February 18, 2017, 6:25 AM







botimage
Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki