Android HummingBad virus infects 100 000 phones and tablets

Nearly 100,000 Android devices in the UK have been infected with a computer virus called HummingBad which can gain access to phones and tablets and control them, a cyber security firm has claimed.

Cyber security software maker Check Point says it has been analysing HummingBad since it was discovered in February and that it has affected 10 million Android devices globally.

The security firm claims the malicious software (malware) was created by a group in China called Yingmob, which runs alongside a legitimate advertising analytics company.

It said the virus works by targeting a phone when it is used to visit certain websites.

"If successful, attackers gain full access to a device," the security firm said in its report.

"If rooting [infection] fails, a second component uses a fake system update notification, tricking users into granting HummingBad system-level permissions."

This means the malware now controls the device and uses its control of permissions to force it to download apps and click on adverts to generate fraudulent advertising revenue, the firm says.

Check Point said the attackers may also be able to sell access to the devices they compromise, giving away the information that is stored on them.

Critics of Google's Android platform have said in the past that the open nature of the software and its use by a range of manufacturers causes ‘fragmentation’ and makes the platform less secure than Apple's mobile operating system, iOS.

In August last year, Google and Samsung started offering monthly security fixes for Android phones, following the unveiling of the Stagefright bug in the mobile operating system which affected all Android devices released after late 2010. 

However, the previously secure iPhone has allegedly been compromised by malicious apps in China and Taiwan in the past year in attacks which Check Point claims were carried out by the same Yingmob group.

"Check Point believes this dangerous trend will escalate as other groups learn from Yingmob and find new ways to achieve the independence they need to launch larger and more sophisticated attack campaigns in the future," the security firm said in its report.

Google is yet to comment on the findings.

Recent articles

Info Message

Our sites use cookies to support some functionality, and to collect anonymous user data.

Learn more about IET cookies and how to control them