According to a new report from security companies Checkpoint and Lookout, about 10 million Android smartphones could have been infected by a malware called HummingBad. The said malware is a rootkit which installs itself inside a phone’s operating system in order to avoid detection and then gives its creators complete control over the handset.
As soon as this rootkit gets into a persons smartphone, it installs apps on the device and then spies on their browsing habits. Its creators generates huge amount of money via this means because HummingBad generates fake clicks for online adverts, according to research, around $300,000 (£232,000) a month is earned by the creators of this rootkit.
The malware is usually found on smartphones running older Android operating systems since it is able to exploit security loopholes in them and it masquerades as legitimate apps such as Facebook or Twitter. Checkpoint said in a blog post that it had obtained access to the command-and-control servers that oversee infected phones and this revealed that HummingBad has now managed to infect around 10 million devices. The greatest number of infected devices are located in India, Indonesia, China and the Philippines.
This malware, even after a factory reset can still remain persistent, according to Lookout the sudden spike in phones infected by HummingBad is a result of its creators adding more features or functions to the malware, and also by finding new ways to distribute it.
Google is aware of this threat and is working towards blocking apps infected and keeping users data safe;
We’ve long been aware of this evolving family of malware and we’re constantly improving our systems that detect it. We actively block installations of infected apps to keep users and their information safe
Android, Inc. was founded in Palo Alto, California in October 2003 by Andy Rubin, Rich Miner, Nick Sears and Chris White. The early intentions of the company were to develop an advanced operating system for digital cameras. Though, when it was realized that the market for the devices was not large enough, the company diverted its efforts toward producing a smartphone operating system that would rival Symbian and Microsoft Windows Mobile. In July 2005, Google acquired Android Inc. for at least $50 million. The Android mobile operating system is currently developed by Google, based on the Linux kernel and designed primarily for touchscreen mobile devices such as smartphones and tablets.
A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or areas of its software that would not otherwise be allowed (for example, to an unauthorized user) while at the same time masking its existence or the existence of other software. The term rootkit is a concatenation of “root” (the traditional name of the privileged ccount on Unix-like operating systems) and the word “kit” (which refers to the software components that implement the tool). The term “rootkit” has negative connotations through its association with malware (Malicious Software, a software used to disrupt computer operations).