According to Check Point, the majority of infected devices are overseas in Asian countries, and approximately 280,000 devices are infected in the United States. While Check Point discovered this malware in February of this year, the number of instances has increased exponentially in the last several months.
“HummingBad establishes a persistent rootkit on Android devices and generated fraudulent ad revenue.” It runs alongside legitimate businesses, “sharing their technology and resources, enabling them to control tens of millions of Android devices.” These campaigns are averaging revenues of $300,000 USD per month. It generates $10,000 a day with $3,000 produced in revenue per click and $7,000 produced in app downloads.
The majority of devices that have been attacked, have been using older operating systems like KitKat and Jellybean. Since most of these attacks have occurred in China and India, it is assumed that infected devices, obtained the malware through users downloading affected apps through unauthorized app stores. These stores tend to have little to no security protocols, and in combination with an older OS, can spell out disaster.
My Android smartphone has been infected with HummingBad, what do I do?
Well, a full factory reset is required. This will ensure the entire system and data running on your device is deleted. Unfortunately, it is likely that users will not be able to back up their data before resetting. This is to ensure you do not re-infect your device. In the future, be sure to only download apps from authentic sources, like Google Play, and only download from trusted developers. We also recommended you update your device to the latest Android software – Android 6.0 Marshmallow – as soon as possible.
Connect with Secure Sense to protect data, your network, and systems 24/7, 365 days a year. If you have questions or want to learn more, please contact Secure Sense by calling 866-999-7506.