Ads on smartphones and other mobile devices are nothing less than annoying. Unfortunately, the sad truth is that these ads can also be malicious and harmful to your Android mobile device. According to a new report by the cyber security firm Check Point, a Chinese group is spreading malware in Android devices and making over $300,000 every month in revenue.
Check Point began their research in February after getting suspicious. Since they discovered the vicious virus, it has spread to more than 10 million Android devices. The malware goes by the name HummingBad. Most of the devices got infected through a method called “drive-by download”, which only requires the user to visit the website hosting the dangerous malware. When the user visits the website hosting the malware, it automatically downloads into their device. After getting into a device, it attempts to gain root access, thereby taking control over all functions of the phone. If it fails to gain root access, it creates a false system update and tricks the user into giving it system-level permissions on their mobile device.
After getting the control and permissions necessary, the malware gets to work. The malware generates revenue for its developers through shady means. It installs additional applications without the consent of the user and displays advertisements on the user’s device that once clicked generate money for its developers.
According to Check Point, HummingBad belongs to an app developer called Yingmob(In Mandarin). Yingmob is a ‘legitimate” mobile advertising and analytics company based in Beijing, China. The firm is a subsidiary of a multi-million dollar company called MIG Unmobi Technology. Yingmob offers ads services through pop-ups, in-app ads and sidebars on mobile platforms. Yingmob also develops mobile apps, which are popular as they are installed in over 85 million Android devices.
Check Point notes that a group of about 25 employees in Yingmob is responsible for the HummingBad malware. The dangers posed by the malware could be far reaching. The malware does not only take control of a device to display ads; it can collect device information which can be used for more target specific attacks. The infected devices’ information can be sold to the highest bidder and or other vicious purposes.
Most of the infected devices belong to Chinese people, 1.9 million Chinese users to be precise. In India, HummingBad infected 1.35 million users. The malware also found its way to the USA where it affected 290,000 Android devices. Other regions hit hard by the malware include Indonesia, Philippines and Turkey.
Malware targeting mobile devices are common nowadays. These attacks are growing more vicious by the day. Bad actors have also managed to sneak malicious code past iOS “thick wall” of protection.