Home
More than 10m devices running Google’s Android OS have been infected with HummingBad – a new piece of malware that is able to take over a smartphone or tablet, steal and sell on user data, including banking information and other data for identify theft. It is also able to download unauthorized apps and tap on advertising.
Security firms have been tracking the malware for the past few months. According to their statistics, after a spike in infections in May, HummingBad has now passed the 10 million mark. Security experts explain that it can infect an Android device if the user browses the infected website, in so-called “drive-by-download” attacks. After this, the malware tries to gain access to the underlying Android system by using “root access” to take full control. If it fails, it attempts to trick the user into giving almost full control via a fake update alert.
Once HummingBad has control of the Android smartphone or tablet, it can force it to download apps and tap on adverts in order to generate fraudulent advertising revenue without the device owner’s knowledge. Besides, the hackers could sell access to the device or the user’s data. Infected devices have been detected all over the world with 1.6m devices in China, 1.35m in India, 288,000 in the US and 100,000 in the UK and Australia. Google admits it has been aware of that malware and is constantly improving Android, actively blocking installations of infected apps.
Nowadays, smartphones are increasingly popular, so malware targeting both Android and iOS has increased in volume and effectiveness. In response, the platform developers made further moves to protect devices from such malware. However, in this case Apple has had more success in getting users to upgrade to the latest and most secure versions of its operating systems thanks to its control of both hardware and software. As for Android updates, it can take months if not years, because Google does not directly control most of the devices.
Google has recently separated security patches from the rest of the operating system, and now security updates are pushed out on a monthly basis for its own mobile devices. At the same time, other Android manufacturers like Samsung and LG promised to do the same. However, many other manufacturers are slow to release updates to user phones, which leaves users exposed.
If your device is infected with HummingBad, a factory reset might be the only recourse. Moreover, even then it could remain.
Sourced from torrentfreak
Security firms have been tracking the malware for the past few months. According to their statistics, after a spike in infections in May, HummingBad has now passed the 10 million mark. Security experts explain that it can infect an Android device if the user browses the infected website, in so-called “drive-by-download” attacks. After this, the malware tries to gain access to the underlying Android system by using “root access” to take full control. If it fails, it attempts to trick the user into giving almost full control via a fake update alert.
Once HummingBad has control of the Android smartphone or tablet, it can force it to download apps and tap on adverts in order to generate fraudulent advertising revenue without the device owner’s knowledge. Besides, the hackers could sell access to the device or the user’s data. Infected devices have been detected all over the world with 1.6m devices in China, 1.35m in India, 288,000 in the US and 100,000 in the UK and Australia. Google admits it has been aware of that malware and is constantly improving Android, actively blocking installations of infected apps.
Nowadays, smartphones are increasingly popular, so malware targeting both Android and iOS has increased in volume and effectiveness. In response, the platform developers made further moves to protect devices from such malware. However, in this case Apple has had more success in getting users to upgrade to the latest and most secure versions of its operating systems thanks to its control of both hardware and software. As for Android updates, it can take months if not years, because Google does not directly control most of the devices.
Google has recently separated security patches from the rest of the operating system, and now security updates are pushed out on a monthly basis for its own mobile devices. At the same time, other Android manufacturers like Samsung and LG promised to do the same. However, many other manufacturers are slow to release updates to user phones, which leaves users exposed.
If your device is infected with HummingBad, a factory reset might be the only recourse. Moreover, even then it could remain.
Sourced from torrentfreak