HummingBad may have infected over 100 million Android devices worldwide,
but how much money its creators have made by doing so is even more alarming.
HummingBad is the “new” Android-infecting malware on the block, with a reported 10 million Android phones infected worldwide.
The majority of these instances have been reported in China, India, the Philippines and Indonesia, but just because you don’t live in one of the leading countries doesn’t mean your coveted phone is safe from infection. For example, there have been 288,000 reported infections in the U.S., and that number is expected to rise as the infectious software spreads worldwide.
While the number of people who have had their phones infected is concerning, the really concerning aspect is just how much money researchers say the malware’s creators have been making: $300,000 a month.
At first glance, this doesn’t seem like a big number, considering how many phones are infected, but it is once you know how the phones are infected and what HummingBad actually does.
Simply put, the infection takes hold of a device through two methods: either via the drive-by download method, where the victim is directed to a website that hosts the malware in an attempt to gain root access to the device, or through fake system update notifications that grant system-wide authorizations to the malware. At that point, the malware roots itself deep inside the phone’s operating system, which allows it to stay relatively undetected and grants it control over the handset.
Of course, what it does is the real kicker. Typically, malware is used to spy on those unfortunate enough to download it or to steal information. However, HummingBad doesn’t do that. Since it has root access, it could transfer personal information, spy on the victims or turn the infected devices into a botnet; instead, it’s used purely for revenue generation, by remotely clicking on ads to make them seem more popular than they actually are or by installing fake versions of popular apps.
In other words, HummingBad isn’t making the aforementioned $300,000 per month by taking it from victims; it’s having infected phones make the money for its creators.
Again, $300,000 might not seem like much in the grand scheme of things, but the fact that HummingBad’s creators are making this money passively instead of by brute force is huge. Normally, there would be obvious signs if someone was using malware to take your money, but through this method, the signs are far more subtle.
Now, the only indicators that would suggest a phone has been compromised would be the presence of more ads or apps on a device, or if data usage rose unexpectedly.
Fortunately, there are ways to protect against being infected. For starters, only download apps from Google Play, and be sure to check out user feedback before doing so. Second, be aware of any links you click on, and don’t grant system permissions or accept prompts coming from unknown sources. Lastly, have malware scanning and protection installed and running on your device so you can catch any potential problems before they snowball out of control.
8 July 2016