This Malware Steals $300,000 Monthly From 10 Million Android Phones

There’s a new and potentially devastating malware going around that affects Android phones. The new malware has wasted no time in infecting 10 million devices. This was unveiled recently by security companies Checkpoint and Lookout.

Details about the HummingBad Malware

The security companies released a report that pointed to an exponential increase in infected Android devices recently.

They’ve dubbed the new exploit HummingBad. This malware works by installing a rootkit on compromised devices, burying itself deep inside the operating system. The rootkit ends up giving complete control of your phone or tablet to the attackers.

HummingBad works by installing apps on any Android device, using them to spy on the habits of the users. If that wasn’t enough, it also generates fake clicks on advertising sites, making as much as $300,000 monthly for the creators of HummingBad.

By nesting itself deep inside the OS, even a factory reset couldn’t help in erasing the malware, according to the report released by Lookout.

Checkpoint’s report revealed that most of the phones infected with HummingBad originated in China, India, Indonesia and the Philippines.

How was HummingBad Discovered?

Checkpoint and Lookout both noticed a sharp increase in phones infected by HummingBad. Mostly phones with older Android OS versions were affected by it. In fact, the exploit worked by disguising itself as legitimate apps such as Twitter and Facebook.

BBC reached out to Google to comment on the HummingBad malware. Here’s the company’s response:

We’ve long been aware of this evolving family of malware and we’re constantly improving our systems that detect it. We actively block installations of infected apps to keep users and their information safe.

Google has also released a new security update this month for Android, which effectively blocks HummingBad malware.

How to Rid Your Device of HummingBad?

First you need to check if your device is infected. You can do this by installing and running any of the security apps for your Android device here:

Run a scan.

If you’re infected, then you will need to follow the following steps, before performing a factory reset on your Android phone or tablet. Be aware that a factory reset means that everything on your device will be erased.

To remove the Hummingbird malware:

  • First you need to create a backup of the data and content on your phone or tablet.
  • Tap on Settings > Backup and reset > Factory Data Reset on your phone/tablet.
  • Tap Reset phone or Reset device. This will start your device in Recovery mode, and initiate the wiping process.
  • Your phone will reboot once the process is done. And hopefully Hummingbird-free.

Samir is the Head of Entertainment at Lens by ProPakistani. You can reach out to him at samir.ya...

  • It didn’t steal money from android users, it stole created money for it’s developers by generating fake clicks on ads.So, in fact it stole money from ad networks or advertisers.

  • “even a factory reset couldn’t help”. And then it says Rest phone to remove the malware.

  • In the first part of the article you said
    “By nesting itself deep inside the OS, even a factory reset couldn’t help in erasing the malware, according to the report released by Lookout.”

    And in the end, you have given the steps of simple factory reset :S

  • close