A very deadly smartphone malware by the name of ‘HummingBad’ has been recently discovered, and it is believed to have already infected over 10 million Android devices. The malware has increasingly affected Android devices particularly in Asia, with 1.35 million devices reportedly affected in India. A detailed report by cyber security software maker Check Point explains the origins of the malware and how it affects a device. It has also helped out with solutions on how to remove the malware from the infected device.
What is ‘HummingBad’ malware and how does it enter your device?
HummingBad is an Android malware that infects your devices by establishing a persistent rootkit on Android devices through which it generates fraudulent ad revenue, and installs additional fraudulent apps. It particularly comes through “drive-by download” and would affect smartphones through the websites that they visited. If the device is rooted, then it is easier for the malware to enter the smartphone and gives it unlimited access to files and folders. If that doesn’t work out, the malware tries to root the device itself. The malware doesn’t stop there either. It also camouflages itself in popup notifications of system updates. This way it connects to a remote server and launches additional applications.
Who is behind this malware and why?
Check Point claims that the culprit behind this is Yingmob, a group of highly organized cyber criminals “working alongside a legitimate Chinese advertising analytics company, sharing its resources and technology. The group is highly organized with 25 employees that staff four separate groups responsible for developing HummingBad’s malicious components.”
Check Point further reports that Yingmob generates $300,000 per month through fraudulent ad revenues and forced downloading of apps and clicking on ads. The group may also further use the personal data available on the smartphones and sell the information. Check Point estimates that even though 10 million smartphones have been affected by the malware, over 85 million users have the group’s apps downloaded.
How to detect the HummingBad malware in your device?
It is finally time to install those anti-virus softwares on your smartphone. To detect the malware, recommended apps are ZoneAlarm by Check Point itself and apps created by AVG and Avast.
How to remove HummingBad from your device?
Anti-virus software may not be able to kill the malware, so Check Point says that the ultimate solution is factory reset. If you have your data saved on cloud, good news for you. Otherwise, back up all your data and keep a note of all the apps you need to re-install.
How to prevent this malware from entering your device again?
Check Point advises that to avoid this dangerous malware, it is best not to download apps from ‘unknown sources’. The Android market is filled with third-party sources where you can download apps from, sometimes even paid apps. This gives malwares easy access to enter your Android devices, so at a vulnerable time like this, it’s best to avoid them.
With a powerful group like Yingmob, it looks like they would find ways to expand their network but these few steps will surely be a good start to keeping your devices safe.