WARNING Yahoo Mail APP linked to Android Botnet malware...


Jul 6, 2012
This warning only applies to the Yahoo Mail APP. It does NOT apply to using the webmail interface

Yahoo! Mail for Android does not encrypt its communications by default – it performs all its functions over HTTP, not HTTPS. This means that any traffic that is sent by the Yahoo! Mail Android app can easily be intercepted over an open network connection such as a public WiFi network. This exposes Yahoo! Mail for Android to session hijacking.

1. An attacker could sniff for Yahoo! Mail specific traffic on open WiFi networks

2. Unsuspecting Android users that join the WiFi network check their email using default application settings

3. The attacker intercepts a particular cookie and can use it to impersonate that user, over whatever networks are available to them, including by tethering to a mobile network

- This allows the attacker to send spam emails that appear 100% legitimate.

It is recommended that users of Yahoo! Mail for Android enable SSL within the application’s settings to protect themselves from this type of attack. From within Yahoo! Mail, simply open

Options > General Settings and select ‘Enable SSL’.

You have been warned

Source: The Official Lookout Blog | UPDATE: Our Thoughts on the Android Spam “Botnet”