Android.Pikspam is the nickname of a new spam bot malware identified by Symantec that targets Android devices.
The robot is based on social engineering techniques, which are already widely used by cybercriminals to steal sensitive information to mobile users through seemingly legitimate emails. "Android.Pikspam" involves the sending of advertising SMS, promoting free versions of popular mobile games and also informing the user he just won a prize."
"The unsuspecting victims receive and follow the links provided in the messages to download an application which in fact is a Trojan horse" said Symantec.
Once installed on the mobile terminal, the robot will continously connect a "command-and-control" (C&C) server that retrieves and disseminates the SMS to a new contacts list.