REALITIES OF LIVING IN A BOTNET INFESTED WORLD.
I know almost exactly to the minute when my new phone was infested with a botnet: Jan 27, 2013, when Google Dashboard Android reports it last heard from my phone; MyLookout Signal Flare reports the last location it has on my phone is the same day. Something from Michelle Obama finally makes sense: she signs all correspondence from her hand with xo followed by a nickname, in the reality of living in a botnet infested world, where you can't even delete your account because the botnet intercepts the emails and texts and just resets your password, reactivating your account with a password you don't know. It took many attempts to get my account back; not 15 minutes after I deactivated it, I got a Facebook email saying WELCOME BACK, and another one saying my password had been changed. Every time I tried to change my password with a text, the number they sent was expired. I finally had to disable the text feature so I could reclaim my account. EVEN SO, not 6 hours later my password was again changed, so now I have a new botnet reality after much study: YOU CAN'T GET RID OF IT, you just have to make do. So I will now sign posts I make with xoJaedia, my Hex name from my hacker days. When I can save money I WILL BUY AN IPHONE!
A really good read is the paper titled "Dissecting Android Malware: Characterization and Evolution".
BOTNET TRUTHS
1. There are thousands of them.
2. 70-90% of Android phones are infested; the infection masquerades as Google apps (i.e. Google Chrome is a 7.4 MB file according to CNET AND Google; if your Google Chrome is 26 MB, YOU'RE INFESTED. In Android go to Application Manager, click on ALL, and scroll down to Chrome: 7 MB, you're fine FOR NOW; 26 MB, you're a botnet. Ouch, welcome to my world.)
3. The infection is spread several ways: piggybacking on REAL files from Google Play (Google is trying to clean the store, but it is never-ending, like painting the Golden Gate Bridge).
3a. The infection is spread P2P via the Google Cloud Services (http://googlemobile.blogspot.com/... ), an exploit that uses an emergency Google service to send a 4kb message directly from phone to phone, so even if you NEVER DOWNLOAD a file from Google Play you will eventually become infected when you are within WiFi range of an infected phone. And this is fast: not 30 after I flashed a stock ROM back to my phone using USB and Odin, my pristine phone was infected with the Gemini Bot and gBot. I had deleted all the Google apps, including Play, not installed anything on the phone, removed all bloatware, and it still happened. That is when I came across a security advisory posted on the Google Android Security Blog (no press reports) reporting the Google Cloud Services and reinfection by 4kb message. I then found a white paper that looked at code samples from 2000+ botnets, which found 70 can use this exploit, while the preferred method is piggybacking (90%). Google reported at the end of the blog post that they are aware of the problem, but no fix is in sight; this was a week ago. Lookout and Symantec have also reported seeing the exploit code, but know of no way to stop it as of yet, as the code is written into the VERY KERNEL of the Android operating system. So as of now there is no fix, and Google continues to scrub the Play database with Google Bouncer, but piggybacking will continue to be a problem, as for every one application they bounce, some 10 replace it. Google's own apps, Facebook, Yahoo Mail and even some needed system apps like com.android.drm are infected, and the botnets are smart and stealthy; they auto-update and patch your system with their files.
CONCLUSION: Herein lies the rub and the wonder of Open Source: anyone can download the source and look for ways to exploit it, or enhance it. Android is incredibly complex! If you have enough programmers look hard enough for ways to exploit it they will find them,