Ten million Android devices have been infected by malware called HummingBad, according to Check Point. The cybersecurity firm said it discovered the malware in February, and has been tracking it ever since.
What makes HummingBad particularly dangerous is the group behind it: a team of developers at Yingmob, an otherwise legitimate, multimillion dollar advertising analytics agency based in Beijing.
“Yingmob has several teams developing legitimate tracking and ad platforms,” the report alleges. “The team responsible for developing the malicious components is the ‘Development Team for Overseas Platform’ which includes four groups with a total of 25 employees.”
The malware installs a piece of software called a rootkit onto infected Android devices, giving the cybercriminals admin-level access to smartphones. This access is used to generate fraudulent advertising revenue — apparently up to $300,000 per month — through the forced downloading of apps and clicking of ads.
But it’s not just fake ad revenue at stake here, as the group is able to sell access to phones or give away information held on them. Check Point estimates that over 85 million smartphones have the group’s apps installed on them, but only up to 25 percent of these include malicious software.
Click here to read more.
SOURCE: Cnet, Daniel Van Boom