HummindBad Android Malware Has Infected 10 Million Devices
The Android malware that goes by the name HummingBad, which was discovered by security company Check Point in February, has infected 10 million devices so far.
According to Check Point, HummingBad’s origin is of particular interest. More specifically, the Chinese advertising company Yingmob is responsible for the creation and spreading of this malware, using it to install rootkits on Android devices.
With complete control of the devices in its hands, Yingmob gains up to $300,000 per month from “fraudulent ad revenue”. Check Point claims that HummingBad is a great example of how malware developers can support themselves.
“Emboldened by this independence, Yingmob and groups like it can focus on honing their skill sets to take malware campaigns in entirely new directions, a trend Check Point researchers believe will escalate. For example, groups can pool device resources to create powerful botnets, they can create databases of devices to conduct highly-targeted attacks, or they can build new streams of revenue by selling access to devices under their control to the highest bidder.”
Apart from HummingBad’s victims, Yingmob controls about 85 million devices worldwide and has the ability to sell access to them. Although attacks are in a world class scale, most victims are located in China and India, with 1.6 and 1.3 million infected users respectively. Finally, iOS users are not safe from the Yingmob attacks either, according to the researchers, since the Yispecter malware for iOS is another one of their creation.