A strain of of Android malware has infected 85 million victims across the globe, generating at least $300,000 every month for the gang behind it, thanks to millions of pop-up adverts and app downloads.
The malware puts users’ data in jeopardy by installing more malware and displaying ads by the Chinese company behind it, according to security firm CheckPoint which first detected the issue in February. HummingBad apps display more than 20 million ads per day, generating $300,000 in revenue per month or $4 million per year. The malware is installing more than 50,000 apps a day and has been discovered on all versions of Android.
“Accessing these devices and their sensitive data creates a new and steady stream of revenue for cybercriminals,” CheckPoint wrote in a blog post. “Emboldened by financial and technological independence, their skillsets will advance – putting end users, enterprises, and government agencies at risk.”
Yingmob, which is 25 employees strong, runs alongside a legitimate Chinese advertising analytics company and shares its resources and technology. The malware has primarily affected users in China and India, but more than a quarter of a million U.S. devices are infected.
While this malware appears to be for financial gain, CheckPoint warned that attacks like this could do greater damage.
“The group tries to root thousands of devices every day and is successful in hundreds of attempts,” CheckPoint wrote. “With these devices, a group can create a botnet, carry out targeted attacks on businesses or government agencies, and even sell the access to other cybercriminals on the black market. Any data on these devices is at risk, including enterprise data on those devices that serve dual personal and work purposes for end users.”
There is no update on how to rid devices of HummingBad, but the experts recommend users avoid the problem by downloading Android apps from the Google Play store with legitimate reviews.
Issues of hackers attacking Android devices has plagued Google for some time. Earlier this year, Google exiled 13 Android apps from the Google Play marketplace after it was discovered that the apps made unauthorized downloads and attempted to gain root privileges, allowing the apps to remain after factory resets. Last November, it was revealed that 87 percent of Android devices are exposed to security bugs due to Android handset makers’ failure to deliver patches, according to researchers from the University of Cambridge.