Google Android Robot (Photo : Aalicdn)
Android malware named HummingBad has infected a minimum of 10 million devices running Google's OS, based on the report of a cyber-security software maker. Check Point has been tracking the malicious software since it was noticed in February and has released a report of the malware's threat. The group behind the Android malware is reportedly an advertising analytics agency based in Beijing, China.
Check Point notes that the number of infections has been steady since the beginning of the year but spiked in mid-May.
The Israel-based software company reports that Yingmob develops legitimate ad platforms. It claims the team developing the malicious software is from the Chinese company's Development Team for Overseas Platform that includes 25 employees.
This makes the malware different from most cases. The cyber-security company explains that highly-organized cyber-criminals are working with the multi-million dollar Beijing ad firm.
HummingBad started as a "drive-by download attack." Such malware attacks infect phones that visit certain websites.
Check Point reported that the first tool tries to gain root access on a mobile device. It uses software to exploit various security vulnerabilities.
If the malicious software's hack attack is successful hackers have full access to a smartphone. In some cases the rooting fails. A second component then uses a fake system update alert that tricks users into giving system-level permissions to HummingBad.
The malevolent access to phones then seems to create fake advertising revenue up to $300,000 per month, according to CNET. That is done through ad clicks and app downloads.
Check Point estimates that more than 85 million smartphones have installed the group's apps. However, only a small percentage have downloaded the malware.
Most of the victims of the HummingBad malicious software are in China (1.6 million) and India (1.35 million). It also affected many devices in countries including the Philippines, Indonesia, and Turkey. Meanwhile, the United States has 288,800 infected devices.
HummingBad is generating $4 million per year in fake ad revenue. However, cyber-criminals could also use the malware to steal personal information from infected devices, according to Digital Trends.
Google has not made any official announcements about detecting or removing HummingBad. As of June 2016 only about 10 percent of Android devices run Marshmallow OS, while most run Lollipop, KitKat, or Jelly Bean.
Here's how to prevent Android malware:
