‘HummingBad’ Malware Affects 85 Mn Android Devices

In an alarm to Android users almost 85 million devices running on Google’s mobile operating system have got infected by a malware called HummingBad. According to CheckPoint, majority of the HummingBad victims are in India and China. The malware affects most almost all Android OS versions, however, the most affected are devices running on Android KitKat and Android Jelly Bean.

According to the Times of India report, the HummingBad malware is a “drive-by download attack” that users face when they visit certain websites. It includes two components: First component tries to gain root access on the Android device to exploit vulnerabilities. This could give hackers full access to the device. If the first component is not able to root the device, the second component shows a fake system update notification, tricking users to unknowingly grant system-level access to the HummingBad malware.

CheckPoint warns that the malware can not only be used to generate fake ad revenue, but with access to handsets the hackers can also sell the information inside them to other companies.

To check if their Android device too has been affected by HummingBad malware, users can download CheckPoint’s Zone Alarm app or other apps from Lookout, AVG and Avast. And in case a device is affected, the only way for a user to remove the malware is by factory resetting the device.

The security firm says it has been tracking the HummingBad Android malware since February. While the number of infected devices were steady for few months, it sharply rose up in the month of May. The people behind the malware is said to be a team from Yingmob, a multi-million dollar ad agency from Beijing, China.

“Yingmob has several teams developing legitimate tracking and ad platforms,” said CheckPoint in ablog on its website. “The team responsible for developing the malicious components is the ‘Development Team for Overseas Platform’ which includes four groups with a total of 25 employees.”

The Android smartphone users in US, UK and Australia are also in the affected list.

Leave a Response