10 Million Android Phones Infected With Malware HummingBad

A new report from security companies Checkpoint and Lookout has said that up to 10 million Android smartphones could have been infected by a malware called HummingBad.

According to the companies, the malware is a rootkit which installs itself deep inside a phone’s operating system to avoid detection and gives its creators complete control over the handset. 

When it’s on a person’s phone, HummingBad installs apps on their device and spies on their browsing habits. It also generates fake clicks for online adverts and research suggests it’s making around $300,000 (£232,000) a month for its creators through this. 

The malware was brought to the attention of Checkpoint and Lookout when both companies noticed a sharp spike in the number of phones infected by it. It’s usually found on phones which run older Android operating systems as it’s able to exploit security loopholes in them by masquerading as legitimate apps such as Facebook or Twitter. 

According to the BBC, Google, who released the latest Android security update just this month, said “We’ve long been aware of this evolving family of malware and we’re constantly improving our systems that detect it. We actively block installations of infected apps to keep users and their information safe.”

Checkpoint said in a blog post that it had obtained access to the command-and-control servers that oversee infected phones and this revealed that HummingBad has now managed to infect around 10 million devices with the greatest number of infected devices being located in China, India, Indonesia and the Philippines. In its own blog post, Lookout has said it thinks that the sudden spike in phones infected by the malware is a result of its creators adding more functions to the malware, or by finding new ways to distribute it. It also says that even after a factory reset, the malware “can remain persistent”.