EXPERTS estimate more than 10
million Android devices around the world have been infected by malware
linked to a Chinese company.
Cybersecurity
specialist Check Point has been tracking the malware called HummingBad
since its discovery in February and claim there has been a spike in
infected devices.In a new report, Check Point said the malware was a multistage attack chain with two main components, which first infected Androids when people visited certain websites.
“The first component attempts to gain root access on a device with a rootkit [software] that exploits multiple vulnerabilities. If successful, attackers gain full access to a device,” the report read.
“If rooting fails, a second component uses a fake system update notification, tricking users into granting HummingBad system-level permissions.”
According to Check Point, an otherwise legitimate mobile advertising analytics agency based in Beijing known as Yingmob is responsible for the malware.
“Yingmob has several teams developing legitimate tracking and ad platforms. The team responsible for developing the malicious components is the “Development Team for Overseas Platform” which includes four groups with a total of 25 employees,” the report read.
The cybersecurity firm’s analysis detailed Yingmob was using the malware to generate fraudulent advertising revenue through the forced downloading of apps and clicking of ads, which was making the company as much as $A402,000 per month.
“Yingmob may be the first group to have its high degree of organisation and financial self-sufficiency exposed to the public, but it certainly won’t be the last,” the report read.
http://www.news.com.au/technology/online/hacking/hummingbad-chinese-malware-infects-10-million-android-devices-experts-warn/news-story/bf8a8e891f7e335b64c13f02895ec27a
No comments:
Post a Comment