The spammers appear to still be testing the method, but spam volumes are rising, Conway said. The recipients of the spam are so far just in the U.S. It appears that around 800 phones are infected with the malware. As recently as two weeks ago, the botnet was sending upwards of 500,000 messages per day.
Conway described the botnet as "primitive" and not at the level of sophistication of botnets that abuse desktop computers. But it does herald a new level of innovation among mobile spammers.
The best advice for Android users is to avoid downloading applications from untrusted sources. Google scans applications in its Play store for malicious behavior, but unvetted Android applications are widely available around the Internet. Conway said he believes the campaign is geared toward exploiting younger Android users.
"The younger you are, the more likely you are to engage in risky behavior with your mobile phone," Conway said.
Recipients of spam can forward a suspicious message to "7726," a short code for the GSMA's Spam Reporting Service, which is run by Cloudmark. The company analyzes the messages. Depending on how the operator wants to handle it, spam messages can be blocked or the malicious link within the message can be removed, Conway said.
Send news tips and comments to firstname.lastname@example.org. Follow me on Twitter: @jeremy_kirk.