Security firm Check Point has discovered a new piece of Android malware dubbed “HummingBad”, which it estimates has infected 10 million Android devices worldwide. The infection is concentrated in China and India, which do not have access to the Google Play Store and its vetting process. As a result, apps (and the malware) are obtained in these countries through third-party app stores.
HummingBad was created by Chinese advertising company Yingmob to trick users into clicking on mobile and web ads to generate revenue. While the malware is currently only used for “clickfraud”, it does gain root access to the Android OS, which means it could potentially be used to collect personal information or harvest login credentials.
It can be hard to tell whether you’ve been infected, but signs may include unexpected advertisements or prompts to install apps.
As always, you should back up your data and keep your mobile devices up to date, including security updates. If you think your device is infected, a factory reset and password change is best. If you have access to the Google Play Store, download apps only from Google Play, not from third-party stores. Infection may also occur from clicking on ads on questionable websites, so avoid clicking them.