Devices running older versions of Android like Jelly Bean (pictured) were more likely to be infected by HummingBad. AP/Press Association Images

This malware infected more than 10 million Android devices

HummingBad was used to download fraudulent apps and tap on ads to generate revenue.

MORE THAN TEN million Android devices have been infected by malware designed to sell information and tap on ad links.

Security firm Check Point started following HummingBad – malware that can take over a smartphone or tablet so it can take user information, download fraudulent apps or tap on advertising to generate revenue without permission – back in February 2016.

The malware originated from a mobile ad server company based in China and used a drive-by download attack – which happens when a user visits a site that injects malware onto their device – to spread it.

HummingBad then attempts to gain access to Android’s core system, but if it fails, it tries to trick the device into giving it control.

“If successful, attackers gain full access to a device. If rooting fails, a second component uses a fake system update notification, tricking users into granting HummingBad system-level permissions,” said the report.

The malware managed to generate $300,000 per month in fraudulent ad revenue, according to the firm. It also said such malware could be abused further by creating a botnet and carrying out targeted attacks on businesses or government agencies.

Accessing these devices and their sensitive data creates a new and steady stream of revenue for cybercriminals. Emboldened by financial and technological independence, their skillsets will advance – putting end users, enterprises and government agencies at risk.

Of the devices infected by the malware, a sizeable proportion were running older versions of Android. The most commonly infected version was KitKat (50%), which was released in 2013, while Jelly Bean (40%) was released in 2012, but all versions released since 2011, including Marshmallow and Ice Cream Sandwich, were targeted.

The same group behind HummingBad was responsible for an iOS malware called Yispecter, which was one of the first pieces of malware to attack both jailbroken and non-jailbroken iPhones and iPads. While it was discovered last year, Apple had fixed the flaw in iOS 8.4.

The best way to check whether your device is infected with malware is to install a dedicated antivirus app from the likes of Avast or AVG, which should be able to detect it.

If you find yourself in the situation where your phone is infected by HummingBad, the only real way to get rid of it is to factory reset your device, meaning all of your phone data will be wiped.


Author
Quinton O'Reilly