What you need to know about the HummingBad malware that has affected over 10 million Android devices

“The malware puts as many as 85 million Android devices worldwide at risk”

Even before researchers could point out that a new Android malware is on the loose, it has already spread to an estimated 10 million Android handsets across the globe. Dubbed as “HummingBad” by the researchers at the security firm Check Point, the malware is one of the biggest attacks on Android in recent times. And given the OS runs on more than 80 percent of all smartphones and tablets in the world, it puts over 85 million Android handsets at risk.


What is it? And how do you know if you’re affected?

A malware is a term used for a hostile and intrusive software which can often lead computing systems to misbehave by performing unwanted actions without the consent of the user, resulting in severe security and privacy issues. According to the researchers at Check Point, the “HummingBad” malware comes from a Chinese advertising company.

If your smartphone displays advertisements at unusual times every now and then, you might be a victim of the malware attack. Otherwise, if you notice that you’re running out of your mobile data sooner than normal, or if there is a sudden drop in battery life, then also you could be affected by the malware. And in case the attack is severe, it can even be detected by some security apps found on the Play Store.

How does it affect Android smartphones?

Most people got infected because they installed a third-party application from an unknown source rather than the Google Play Store. Websites without much credibility could prompt users to install pieces of software including the malware. The majority of the affected handsets come from India and China. Third-party app stores are quite popular in both countries, indicating them as the most likely sources. Older versions of Android like Jelly Bean and KitKat are at higher risk of getting affected. That said, most of the exploits are already well known and can be prevented by installing the latest security apps.

What does it do?

The HummingBad malware tricks the user into clicking on mobile and web ads, generating revenue for its parent company, Yingmob. The practice, which is also known as clickfraud, isn’t something new, yet the HummingBad malware poses some even more sinister threats. The malware can gain root access to your smartphone, giving it complete control over your phone’s operating system. Rooting in itself isn’t a hostile act, as many consumers root their Android devices to tweak settings and extend the functionality. However, gaining root access without the consent of the owner is one of the most dangerous acts a malicious software can do. For instance, after gaining root access to your smartphone, the HummingBad malware connects to a server controlled by Yingmob, allowing an attacker to do anything that is virtually possible. It can be used to spy on your personal information, or even to steal your bank details.

How to get rid of it?

First and foremost, if you haven’t encountered the malware, avoid installing apps from untrustworthy sources and don’t check “Allow installation from unknown sources” in the settings. But in case you’re one of those unlucky 10 million, getting rid of the malware could mean you need to bid goodbye to some of your apps and data. The malware can only be removed by forcing a factory reset of your smartphone, starting over from scratch. After the reset, users are advised to change their Google account password, and only install apps that come from legitimate sources.

The openness of the Android OS can have both pros and cons. On one hand, it allows for tons of functionality and customisation, while on the other this may also pose a threat to security. We recommend you always keep an updated backup of your data at all times, for all devices you use.

Facebook Comments