backtop


Print

Google says it's just as likely spam was spoofed and came from Windows PCs

Microsoft Corp. (MSFT) spam researcher Terry Zink played provocateur when he published a blog indicating he had discovering a thriving Android botnet, which appeared to be driven by app piracy in the developing world.  The evidence he presented was a series of emails with distinctive signatures -- both email header information, and the text signature in the body -- indicating they had originating on an Android device.

Google Inc. (GOOG) has responded by pointing the finger back at Microsoft, suggesting that the headers and signature were likely spoofed to look as if they came from Android.   Comments Google, "The evidence does not support the Android botnet claim.  Our analysis suggests that spammers are using infected computers and a fake mobile signature to bypass anti-spam mechanisms in the email platform they're using."

Android has relatively robust anti-spam guards, so even if the device was infected with malware, Google says it would be difficult to exploit it for spamming purposes.

Spoofing
Spoofing is a time honored technique used by hackers to obfuscate IP requests, email headers, and phone numbers. [Image Soource: PC1 News]

As the text signature implicated Yahoo! Mail, the post also raised awkward questions for that company.  Yahoo! Inc. (YHOO) says that it is investigating the report to see if its email client is being abused.  As with the Android aspect, it's again possible that the header and body were merely spoofed to look like they came from the Yahoo! Mail client on Android, typically a relatively trustworthy source.

Header spoofing is a common, technique used by computer criminals.  As an email's header information and text are easily manipulated (or "engineered" in hacker terms), malicious user can change messages' headers to serve the dual purpose of disguising their true origin and to build trust by making it look as if it originated from a legitimate source.

Terry Zink, the researcher who published the original report, has since backtracked in the comments section of his post, acknowledging that spoofing was a possibility, but commenting that it merely seemed more likely that an Android botnet was causing the spam onslaught.  He did not, however, provide any additional evidence of how he came to that conclusion.

Source: The Register





"There is a single light of science, and to brighten it anywhere is to brighten it everywhere." -- Isaac Asimov






Most Popular ArticlesSuper Hi- Vision Will Amaze the World
January 16, 2017, 9:53 AM
Samsung Chromebook Plus – Coming in February 2017
January 17, 2017, 12:01 AM
Samsung 2017 Handset’s Updates
January 17, 2017, 12:01 AM
Comparison – Surface Pro VS Tbook X5 Pro
January 21, 2017, 7:00 AM
Comparison – iPad Mini Vs Huawei MediaPad M3
January 19, 2017, 2:08 AM

Latest Blog Posts
Apple Watch
Saimin Nidarson - Jan 24, 2017, 6:51 AM
Some new News
Saimin Nidarson - Jan 23, 2017, 8:59 AM
What is new?
Saimin Nidarson - Jan 22, 2017, 7:00 AM
News
Saimin Nidarson - Jan 20, 2017, 7:00 AM
News of the World
Saimin Nidarson - Jan 19, 2017, 7:00 AM
Some tips
Saimin Nidarson - Jan 17, 2017, 12:16 AM
News of the Day
DailyTech Staff - Jan 16, 2017, 12:10 PM
Tech News
Saimin Nidarson - Jan 15, 2017, 12:32 AM
Here is Some News
Saimin Nidarson - Jan 14, 2017, 12:39 AM
News around the world
Saimin Nidarson - Jan 12, 2017, 12:01 AM
Rumors and Announcements
Saimin Nidarson - Jan 11, 2017, 12:01 AM
Some news of Day
Saimin Nidarson - Jan 7, 2017, 12:01 AM
News 2017 CES
Saimin Nidarson - Jan 6, 2017, 12:01 AM






botimage
Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki