As Android continues to gain in popularity and market share, so does the prevalence of malware on the platform. Just last month, security researchers at Trend Micro published details about how the curiously named ‘Godless’ malware is proliferating on Android devices around the world, and now we have yet another security software maker, Check Point, revealing significant information about how another Android malware called ‘HummingBad’ has supposedly infected over ten million smartphones and tablets worldwide, including over 1.6 million in China, 1.35 million in India and around 288,000 in the U.S. The offending piece of software was originally discovered in February and is allegedly developed by a Chinese advertising analytics agency called Yingmob that apparently develops “legitimate tracking and ad platforms”.
However, HummingBad is seemingly far from legit, as it reportedly installs a rootkit on affected systems, allowing administrative access to cybercriminals who can then automate the installation of unwanted software on such devices. The researchers over at Check Point claim that, “The team responsible for developing the malicious components is the ‘Development Team for Overseas Platform’ which includes four groups with a total of 25 employees”. The revenue generated from the malware is reported to be in the region of $300,000 per month, with most of it coming from automatic clicking on ads that are forced down the throats of hapless users in the first place.
Meanwhile, what’s even more disconcerting for security researchers is that HummingBad is not just something that installs adware on the system. According to the report, those deploying the software are also technically capable of accessing information stored on the infected devices with a view towards selling them to cyber-criminals for a price. Check Point, however, says that it’s researchers do not believe Yingmob is doing that just yet. Meanwhile, HummingBad certainly isn’t Yingmob’s first brush with controversial software. The company also stands accused of being one of the groups behind the string of malware that hit Apple’s mobile platform, iOS, in recent times. Neither Yingmob nor Google have given their official reactions to the latest developments, but with people increasingly using their mobile devices to log onto the internet, cases of malware on mobile platforms are only expected to rise going forward, simply because how financially lucrative such rogue software have become in recent times.