February 10, 2012, 1:07PM
Researchers Discover Android Mobile Botnet 100k Strong
by Paul Roberts
Follow @paulfroberts
A newly discovered malicious application circulating on third party Android markets in China has created a botnet that contains more than 100,000 compromised devices, researchers report.
Researchers from North Carolina State University and Symantec say the malware, dubbed RootStrap (NC State) installs a known remote access trojan (RAT) named BMaster (Symantec). It is capable of stealing a wide range of information from infected Android devices running versions earlier than 2.3.3 and 3.0, and may be ginning up illilcit profits with premium SMS and telephony scams, according to the report from NC State and Symantec.
Malicious software researches and anti virus companies have observed a sharp spike in the number of malicious programs targeting the Android platform in the last year, as the population of Android devices has skyrocketed. However, botnets are still rare for the mobile world.
Though reliable data on the size and operation of the botnet isn't available, Symantec estimates that it could generating anywhere between $1,600 to $9,000 per day and $547,500 to $3,285,000 per year for its operators, depending on how many infected devices the botmasters are able to sustain.
RootStrap isn't the first example of an active, revenue-generating Android botnet, Symantec points out. However, it may be the first that large enough and profitable enough to rival traditional Windows-based bot networks. That, Symantec points out, means it certainly won't be the last.
Full story here: https://threatpost.c...e-botnet-021012
