The first Android botnet, comprising of compromised devices running on all the large U.S. mobile networks, and it is being utilized to deliver SMS spam, researchers said this week.
Cloudmark and Lookout Mobile Security discovered the network this December, the botnet grows when users unwittingly install a malicious game application that contains the SpamSoldier trojan. Infected devices then communicates with a command-and-control server, receiving instructions to send SMS messages to more than 100 phone numbers.
Thus far, Cloudmark investigators have discovered more than 800 numbers sending out the spam, and they believe the total number of infected devices is approximately 1,000. Verizon, AT&T, Sprint and T-Mobile were among the U.S. carriers where SpamSoldier messages were seen entering and leaving the networks.