#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 6°C Saturday 22 January 2022

This malware infected more than 10 million Android devices

HummingBad was used to download fraudulent apps and tap on ads to generate revenue.

Devices running older versions of Android like Jelly Bean (pictured) were more likely to be infected by HummingBad.
Devices running older versions of Android like Jelly Bean (pictured) were more likely to be infected by HummingBad.
Image: AP/Press Association Images

MORE THAN TEN million Android devices have been infected by malware designed to sell information and tap on ad links.

Security firm Check Point started following HummingBad – malware that can take over a smartphone or tablet so it can take user information, download fraudulent apps or tap on advertising to generate revenue without permission – back in February 2016.

The malware originated from a mobile ad server company based in China and used a drive-by download attack – which happens when a user visits a site that injects malware onto their device – to spread it.

HummingBad then attempts to gain access to Android’s core system, but if it fails, it tries to trick the device into giving it control.

“If successful, attackers gain full access to a device. If rooting fails, a second component uses a fake system update notification, tricking users into granting HummingBad system-level permissions,” said the report.

The malware managed to generate $300,000 per month in fraudulent ad revenue, according to the firm. It also said the potential for such malware to be abused further is possible by creating a botnet and carrying out targeted attacks on businesses or government agencies.

Accessing these devices and their sensitive data creates a new and steady stream of revenue for cybercriminals. Emboldened by financial and technological independence, their skillsets will advance – putting end users, enterprises and government agencies at risk.

Google Androids Next Tricks Source: AP Photo/Jeff Chiu

Of those devices infected by the malware, a sizeable proportion of them were running on older versions of Android. The most popular version of Android infected was KitKat (50%) which was released in 2013 while Jelly Bean (40%) was released in 2012, but all versions released since 2011, including Marshmallow and Ice Cream Sandwich, were targeted.

The same group behind HummingBad was responsible for an iOS malware called Yispecter, which was one of the first malware to attack both jailbroken and non-jailbroken iPhones and iPads. While it was discovered last year, Apple had fixed the flaw on iOS 8.4.

The best way to check whether your device is infected with malware or not is to install a dedicated antivirus app from the likes of Avast or AVG which should be able to detect it.

If you find yourself in the situation where your phone is infected by HummingBad, the only real way to get rid of it is to factory reset your device, meaning all of your phone data will be wiped.

Read: Blackberry is killing off its last traditional keyboard phone >

Read: Apple may get rid of one of the iPhone’s most annoying limitations >

About the author:

Quinton O'Reilly

Read next:


This is YOUR comments community. Stay civil, stay constructive, stay on topic. Please familiarise yourself with our comments policy here before taking part.
write a comment

    Leave a commentcancel