HummingBad malware on Android phones: why and how to stay safe

A potent malware named HummingBad is spreading fast and is compromising user privacy by taking root in smartphones and tablets.

The HummingBad malware currently affects over 10 million Android smartphones and the only way to get rid of it is a factory reset.

Originating in China, HummingBad was created by a group of cyber criminals calling themselves Yingmob and has the potential to take root in your phone, installs other fraudulent apps and generates fraudulent ad revenue by making it look like you clicked on certain mobile ads.

LinkedIn connections could just be lurking hackers

HummingBad can also steal information stored in your phone like texts, contacts, banking information and e-mail accounts and its owners can sell such information to the highest bidder in the black market. According to security firm Check Point who published a research article on HummingBad, the malware has infected as many as 1.6 million devices in China, 1.3 million devices in India and around 100,000 devices including smartphones and tablets in the UK.

Check Point has also warned that Yingmob hackers can use HummingBad to carry out more direct and concentrated attacks in the future. "Emboldened by this independence, Yingmob and groups like it can focus on honing their skill sets to take malware campaigns in entirely new directions, a trend Check Point researchers believe will escalate. For example, groups can pool device resources to create powerful botnets, they can create databases of devices to conduct highly-targeted attacks, or they can build new streams of revenue by selling access to devices under their control to the highest bidder," it said.

Watching porn on your Android phone? Beware of infected apps!

Given that HummingBad gains root access to your phone, it is not possible to simply uninstall it. Instead, you will have to make your phone or tablet undergo a factory reset after backing up your stored data. Installing a potent mobile antivirus software after rebooting your phone will be a great idea as well.

Check Point has been instrumental in issuing warnings on potential malware before the latter could cause much damage. A year ago, the firm red-flagged an app named 'EASY screen recorder NO ROOT' as a source of major trouble, claiming that hackers can gain “illegitimate privileged access rights” to individual Android devices through the app. This vulnerability was present in all devices running both Android 5.0 Lollipop and Android 4.4 KitKat operating systems.

“Hackers were able to bypass the Android permission model to access system level resources and capture details from the affected device,” said Check Point. The hackers have such control over vulnerable devices that they can not only view individual videos through this app but can also share them on public forums. In most cases, hackers used TeamViewer’s plug-in to access vulnerable devices to record their screens.

Leave a Comment