A multimillion-pound Chinese advertising and analytics agency is behind malware that has infected over ten million Android devices. That’s according to a report from security company Check Point, who have tied the malware to a gang of cybercriminals – called Yingmob – associated with the otherwise legitimate company.
“The first component attempts to gain root access on a device with a rootkit that exploits multiple vulnerabilities. If successful, attackers gain full access to a device,” Check Point explains in its report. “If rooting fails, a second component uses a fake system update notification, tricking users into granting HummingBad system-level permissions.”
Check Point first picked up on the malware in February 2016. Cases have reportedly risen since then, but spiked in mid-May. According to the company, HummingBad collectively generates around $300,000 a month through forced ad clicks and app downloads.
The picture painted by Check Point is that of a highly organised company, with 25 employees and staff spread across four separate groups. The business model also goes beyond malware, with the group reportedly able to sell access to phones.
“Accessing these devices and their sensitive data creates a new and steady stream of revenue for cybercriminals,” says Check Point. “Emboldened by financial and technological independence, their skillsets will advance – putting end users, enterprises, and government agencies at risk.”
A spokesperson from Google told CNET that the company has “long been aware of this evolving family of malware and we’re constantly improving our systems that detect it… We actively block installations of infected apps to keep users and their information safe.”
The bulk of infections are in China and India, with 1.6 million and 1.35 million cases respectively. There are allegedly fewer than 100,000 devices affected in the UK.
Related Posts
The Best Malware Removal Software
How to Disable AMBER Alerts on an iPhone, Android and Other Devices
Do AirPods Work With Android Devices?
How to Log Out of All Devices in Messenger
![How to Manage Subtitles for Disney Plus [All Major Devices]](https://i0.wp.com/www.alphr.com/wp-content/uploads/2020/06/How-to-Manage-Subtitles-for-Disney-Plus-All-Major-Devices.jpg?resize=230%2C170&ssl=1)
How to Manage Subtitles on Disney Plus [All Major Devices]
![How to Manage Subtitles for CBS All Access [All Major Devices]](https://i0.wp.com/www.alphr.com/wp-content/uploads/2020/06/How-to-Manage-Subtitles-for-CBS-All-Access-All-Major-Devices.jpg?resize=230%2C170&ssl=1)
How to Manage Subtitles for Paramount+ (All Major Devices)
![How to Manage Subtitles for Amazon Prime Video [All Major Devices]](https://i0.wp.com/www.alphr.com/wp-content/uploads/2020/06/How-to-Manage-Subtitles-for-Amazon-Prime-Video-All-Major-Devices.jpg?resize=230%2C170&ssl=1)
How to Manage Subtitles for Amazon Prime Video [All Major Devices]
How to Change the Language on Netflix [All Devices]
How to View Logged-In Devices for Amazon
Disclaimer: Some pages on this site may include an affiliate link. This does not effect our editorial in any way.
