More than 10 million Android devices worldwide are infected with HummingBad, a Chinese malware that installs fraudulent apps and clicks on ads without users’ knowledge or consent.
According to a new report from cybersecurity software maker Check Point, the malicious software program makes its developers up to $300,000 per month in fraudulent advertising revenue by forcing infected phones to display its own ads.
Check Point says HummingBad was developed by Yingmob, a group of Chinese cybercriminals. According to this Check Point blog post:
Yingmob runs alongside a legitimate Chinese advertising analytics company, sharing its resources and technology. The group is highly organized with 25 employees that staff four separate groups responsible for developing HummingBad’s malicious components.
Of the 10 million devices worldwide that are infected with the malware, an estimated 286,800 are in the United States, some 1.61 million in China and about 1.35 million in India.
According to CNET, it’s not just the $300,000 a month in fake ad revenue that’s a concern. Check Point says Yingmob has the capability of selling both phone access and information held on the phones to the highest bidder.
As its name implies, HummingBad is bad news for Android owners whose devices are infected. It could also be a sign of what’s to come.
“Yingmob may be the first group to have its high degree of organization and financial self-sufficiency exposed to the public, but it certainly won’t be the last,” Check Point said.
So, how do you know if you have HummingBad on your device? CNET says it shouldn’t be too hard to find out.
You have a range of options when it comes to this protective phone software, from Check Point’s own Zone Alarm to apps created by Lookout, AVG and Avast.
The tools for catching HummingBad on mobile phones are now public information, so any service worth its salt will be able to detect the app running on your phone.
According to CNET, the fix for this infection is bitter medicine:
So back up your files and contacts, write down your favorite apps, and then reset your phone.
But the fix is disputed by BGR, which says you cannot remove it by factory reset. If nothing more, it offers some advice for the future health of your smartphone:
As always, the best way to avoid malware on Android is to refrain from installing apps from untrusted sources. In fact, rather than sideloading apps, simply download them from the Google Play Store, even if that means you have to pay for some of them.
Have you ever had malware on your phone? Share your comments below or on our Facebook page.