Android malware HummingBad infects 10 million phones

Security companies have noticed a sudden surge in the number of phones infected by the malware

Emma Boyle
Friday 08 July 2016 12:34 EDT
Comments
Google's mobile operating system, Android, is used by over 1.4 billion people worldwide
Google's mobile operating system, Android, is used by over 1.4 billion people worldwide (Getty)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A new report from security companies Checkpoint and Lookout has said that up to 10 million Android smartphones could have been infected by a malware called HummingBad.

According to the companies, the malware is a rootkit which installs itself deep inside a phone’s operating system to avoid detection and gives its creators complete control over the handset.

When it’s on a person’s phone, HummingBad installs apps on their device and spies on their browsing habits. It also generates fake clicks for online adverts and research suggests it’s making around $300,000 (£232,000) a month for its creators through this.

The malware was brought to the attention of Checkpoint and Lookout when both companies noticed a sharp spike in the number of phones infected by it. It’s usually found on phones which run older Android operating systems as it’s able to exploit security loopholes in them by masquerading as legitimate apps such as Facebook or Twitter.

Checkpoint said in a blog post that it had obtained access to the command-and-control servers that oversee infected phones and this revealed that HummingBad has now managed to infect around 10 million devices with the greatest number of infected devices being located in China, India, Indonesia and the Philippines.

In its own blog post, Lookout has said it thinks that the sudden spike in phones infected by the malware is a result of its creators adding more functions to the malware, or by finding new ways to distribute it. It also says that even after a factory reset, the malware "can remain persistent."

According to the BBC, Google, who released the latest Android security update just this month, said “We've long been aware of this evolving family of malware and we're constantly improving our systems that detect it. We actively block installations of infected apps to keep users and their information safe.“

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in