Android malware HummingBad that was first spotted in February this year has now infected over 10 million smartphones, according to Security firm Check Point. The firm notes that users most impacted by the malware are in China and India.
According to Check Point, the group behind the malware is a bunch of developers from Chinese mobile ad server company Yingmob. The company has several teams developing legitimate tracking and ad platforms; however there is said to be a specific group of people within the organisation that is responsible for this malicious software. Check Point claims that the team responsible for developing the HummingBad malware is 'Development Team for Overseas Platform', which includes four groups with a total of 25 employees.
HummingBad tries to gain root access to the device with the objective to generate fraudulent ad revenue by installing additional fraudulent (and malicious) apps. Yingmob generates as much as $300,000 (roughly Rs. 20,257,000) per month in fraudulent ad revenue through this malware, Check Point says.
The malware has now spread across 20 countries, but the largest numbers of affected users are in India and China. Check Point says 1.35 million (13.5 lakh) smartphones in India are affected by the HummingBad malware, while China has the most affected users at 1.6 million. Interestingly most of the Android devices affected are running old versions. Around 50 percent of the affected devices run Android KitKat, while 40 percent affected users have JellyBean running on their smartphones.
Google acknowledged the threat and confirmed that it was aware about it. "The company has long been aware of this evolving family of malware and we're constantly improving our systems that detect it. We actively block installations of infected apps to keep users and their information safe," Google spokesperson told CNET.
According to Check Point, HummingBad installs more than 50,000 fraudulent apps per day. These apps display more than 20 million ads everyday, generating 2.5 million clicks per day through illegitimate methods. While this malware is minting an approximate amount of $10,000 per day for Yingmob, it puts 10 million Android smartphones and the sensitive data stored on them in serious danger.
If you're an Android smartphone user who is seeing unnecessary ads, your smartphone could potentially be affected by the HummingBad malware. In order to detect this malware, use a security app that can detect malicious activity on smartphones and flag them. Options like Avast, AVG, and Lookout can be considered.
If HummingBad malware is found on your phone, Check Point's Dan Wiley claims that your only option is to factory reset your device, which means you will lose all your data, apps, and stored passwords. It is recommended you back up all data, contacts, and everything else before selecting the reset option. Wiley also advises against downloading apps from untrusted stores. Google vets the apps on the official Play Store, but the same cannot be said for other unofficial stores.