MORE THAN TEN million Android devices have been infected by malware designed to sell information and tap on ad links.
Security firm Check Point started following HummingBad – malware that can take over a smartphone or tablet so it can take user information, download fraudulent apps or tap on advertising to generate revenue without permission – back in February 2016.
The malware originated from a mobile ad server company based in China and used a drive-by download attack – which happens when a user visits a site that injects malware onto their device – to spread it.
HummingBad then attempts to gain access to Android’s core system, but if it fails, it tries to trick the device into giving it control.
“If successful, attackers gain full access to a device. If rooting fails, a second component uses a fake system update notification, tricking users into granting HummingBad system-level permissions,” said the report.
The malware managed to generate $300,000 per month in fraudulent ad revenue, according to the firm. It also said the potential for such malware to be abused further is possible by creating a botnet and carrying out targeted attacks on businesses or government agencies.
Accessing these devices and their sensitive data creates a new and steady stream of revenue for cybercriminals. Emboldened by financial and technological independence, their skillsets will advance – putting end users, enterprises and government agencies at risk.
Of those devices infected by the malware, a sizeable proportion of them were running on older versions of Android. The most popular version of Android infected was KitKat (50%) which was released in 2013 while Jelly Bean (40%) was released in 2012, but all versions released since 2011, including Marshmallow and Ice Cream Sandwich, were targeted.
The same group behind HummingBad was responsible for an iOS malware called Yispecter, which was one of the first malware to attack both jailbroken and non-jailbroken iPhones and iPads. While it was discovered last year, Apple had fixed the flaw on iOS 8.4.
The best way to check whether your device is infected with malware or not is to install a dedicated antivirus app from the likes of Avast or AVG which should be able to detect it.
If you find yourself in the situation where your phone is infected by HummingBad, the only real way to get rid of it is to factory reset your device, meaning all of your phone data will be wiped.
To embed this post, copy the code below on your site
have your say