YingMob,a China based group of cybercriminals created the HummingBad
malware,by which over 85 million android devices have been
hacked.,according to a checkpoint report released last week.Through this
they have earning about US$ 3000,000 a month.HummingBad uses a
sophisticated, multistage attack chain with two main components.
The first component, SSP, uses a rootkit that exploits multiple vulnerabilities
to try to root the target device.If rooting fails, the second component, CAP,
installs fraudulent apps using elaborate techniquesRegardless of whether the
rooting succeeds, HummingBad downloads as many fraudulent apps to the
target device as possible.Unmeg is a tracking and analytics service that
creators of HummingBad use.About 25 percent of apps on the control panel
of this service are malicious,and an approx of 10 million users have been
using those apps,checkpoint said.With China and India having the greatest
number of victims.US comes on number eight with 286000 people
affected.KitKat runs on 50 percent of the affected devices, Jelly Bean on 40
percent, Lollipop on 7 percent, Ice Cream Sandwich on 2 percent, and
Marshmallow on 1 percent, according to Check Point.Tvery hard this
malware is reaaly hard to identify and get rid of. Rob Enderle, principal
analyst at the Enderle grou p said,
“If done too poorly or slowly, it could quickly turn Android into an
unacceptable risk for the entire industry.
