Check Point, a cyber security firm, has warned that millions of Android phones are infected with a dangerous malware known as HummingBad.
The company says it discovered the malware in February, warning that it establishes a rootkit on Android phones. The purpose of the malware is to generate fraudulent advertising revenue, but it could potentially have other sinister purposes.
Check Point said it made the discovery when its researchers gained “unprecedented access” to the Chinese cyber criminals who developed it. The group, called Yingmob, works in tandem with a legitimate Chinese advertising analytics company.
Check Point made the discovery when it followed a slender trail of data that led to the Chinese hackers' servers, giving its researchers an inside look at what turned out to be a fairly vast criminal enterprise.
The Chinese group is described as highly organized with 25 employees. These employees are divided into four groups that are responsible for developing HummingBad.
In a report, Check Point researchers say the scam generates around $300,000 a month, but financial gain is just the tip of the iceberg. When the group is successful in its attack on a phone, it can create a botnet, carry out targeted attacks on businesses or government agencies, and even sell the access to other cybercriminals on the black market.
Data on compromised devices is at risk, including enterprise data if the owner happens to be using the phone for both personal and business purposes. Being able to access this data, the researchers say, creates a steady stream of income.
“Emboldened by financial and technological independence, their skillsets will advance – putting end users, enterprises, and government agencies at risk,” the authors warn.
According to technology website CNET, the most effective way to get rid of HummingBad is also pretty extreme: a factory reset.
“So back up your files and contacts, write down your favorite apps, and then reset your phone,” the site advises.
The way to avoid becoming infected again is advice you probably have heard before – don't download apps from untrusted sources.