Stels Botnet Found To Deliver Android Trojan

Recently, the biggest spam botnet on the globe has been found sending malicious emails containing links to the Stels Android Trojan, a sign that the malware business for mobile devices is gaining momentum.

Over the last few years, cyber criminals have been spreading Android malware via forums and application stores, with the code being hidden in a free game.

Stels is an Android Trojan able to send text messages, make phone calls, harvest contact lists and install malware. Experts claim that its creators pay for the use of the Cutwail botnet, which helps them distribute malware and spam to Windows computers.

This sounds like a huge step in the Android malware business, as it means that cyber criminals have started creating services that others can pay to use. Those that target Windows computers are using a wide variety of development tools, botnets, exploit kits and pre-build malware. But it seems that many of the services will soon be available for Android, as cyber criminals follow the trends on the smartphone and tablet market.

Stels developers usually send emails containing links to a compromised website, displaying a fake Adobe Flash Player update page. The update is described as necessary for viewing the page and when users click on it, it would ask the victims if they want to install the application, which once installed loads the malware, which operates on almost all Android versions.

When targeting Windows computers, the Cutwail botnet is used to distribute the Gameover ZeuS banking Trojan via malicious email. ZeuS steals all banking credit card numbers and bank credentials. Additionally, the botnet has been used in a number of phishing operations targeting AT&T, Facebook, UPS and Verizon users.