"The concept of any kind of botnet harnessing smartphones has in the past been overlooked as some kind of pointless exercise - but considering the alternative uses for smartphones could it be the next big thing on the horizon, just waiting for the right person with the right brilliance to make it happen? these little devices walk around collecting data on us, spewing our information, and acting as GPS tracking devices .... perhaps not a botnet for mining, but one that can locate a person on demand. Consider it similar to the RFID id badge systems that let you know where an employee is in the building at any time - but farther reaching. Take it to an extreme - knowing where a victim is at any given time in order to time coordinate various acts of hacking. "
Oh I totally agree! We have already seen smartphone botnets for hire - for example the Android malware known as notcompatible installs a proxy on devices it infects. While right now it is being used to evade geographic anti-fraud measures the reality is it is perfectly positioned to offer on-demand access to enterprises or even specific people (assuming they get a wide enough distribution of infected devices). Our smartphones are incredibly personal to us and that means we take them everywhere. The potential rewards for someone that manages to become an invisible passenger on a smartphone carried by a high value intelligence asset will be HUGE.
Its interesting that since publishing this at least two other bits of smartphone based mining malware has appeared.
clearly these malware authors have too much time on their hands I mean unless you harness multiple thousands of smartphones together and make a bitcoin mining smartphone botnet theres no way you can make enough money to make this worthwhile.
It does speak to the entrepreneurial nature of malware authors though. Rather than create more wallet stealers, these guys are constantly striving to find a new "magic malware quadrant"
