Experts at cybersecurity specialist Check Point have issued an APB to all Android device users: the HummingBad malware problem could intensify.
Although the pesky malware was first discovered by the organization in February, Check Point has given the system further examination and come away with a few points to ponder, outlined in a recent dispatch: “From HummingBad to Worse.”
In the report, Check Point wrote that it set out to learn more about how hackers conduct mobile malware initiatives. In the case of HummingBad, researchers spent five months examining the malware's inner workings.
Check Point found that once the malware successfully establishes a rootkit on an Android device, it installs other fraudulent apps and generates fraudulent ad revenue. Moreover, HummingBad, “runs alongside a legitimate advertising analytics business, sharing their technology and resources, enabling it to control tens of millions of Android devices,” wrote Check Point.
The latest body count in HummingBad’s efforts clocked in at around 10 million devices, but the numbers don’t stop there. Check Point estimated that the malware’s fraudulent ad revenue chalked in at $10,000 a day, or around $300,000 per month, implying that, “attacks can achieve financial sufficiency.”
Despite the hefty, albeit ill-gotten gains, one larger concern lies in the safety of data on any given device, which Check Point explained could fall prey to targeted attacks on businesses or government agencies, or sold to cybercriminals on the black market.
HummingBad is the brainchild of a group of developers called Yingmob. The team operates alongside a legitimate Chinese advertising and analytics company based in Beijing. The Yingmob shares its resources and technology with HummingBad.
“The team responsible for developing the malicious components is the 'Development Team for Overseas Platform' which includes four groups with a total of 25 employees,” wrote Check Point.