HummingBad Malware Infects 10M Android Devices

When we think of hackers and cybercrime, we usually envision computer thugs who want to target our personal information, steal our money electronically, or open new lines of credit using our personal identifiable information. But sometimes, the victims of a cybercrime are simply the tool that hackers use to scam someone else out of money.

In the case of a new malware that’s already been discovered on more than ten million Android devices around the world, the real payout is in phony advertising revenue.

Yingmob, a Chinese firm that operates a legitimate business tracking advertising interactions—also known as clicks, or click-throughs—actually turns out to have a shady side business that’s stealing from the advertisers. They do that by convincing those advertisers that smartphone users—their victims whose devices have the malware installed, in this case—are actually looking at more ads than they really are. The malware installs phony apps filled with ads on your device, then sends that advertising information back to the company. The advertisers are led to believe that far more people are clicking on their ads than actually are, and Yingmob is making money off of all those fake clicks.

While the victims whose devices have the malware may not seem like they’re being harmed all that much, there are a few takeaways that consumers must understand about this type of security breach. First, HummingBad is able to install on earlier versions of Android, so if you’re not updating your software when the company releases it, you’re leaving yourself vulnerable to any threats that target those previous editions. This is true of your smartphone, your computer’s antivirus software, or any other program you use. It’s imperative that users continue to update their software in order to secure all of their accounts and tech.

Also, don’t make the mistake of thinking that hackers are only after a quick buck. Once they’ve infiltrated your device, from there they can root around and look for personal information in order to do further harm. Any time news of a tech threat comes out, you must take action to make sure you’re protected.

If you’re a fan of third-party apps, you’ve got to be aware of the dangers of this kind of attack. Third-party app stores, meaning locations that let you download content but aren’t created by your device’s or your operating system’s company, are notorious for letting malicious software disguised as functioning apps slip through. Be very careful of what content you download and where it comes from.

Finally, the real warning here is that a genuine business is behind this cyberattack. Once the company had the ability to track users’ behaviors and ad clicks, it was an easy decision to use that capability to make even more money. That means this might be tempting for other companies to follow suit. Be very careful of what content is in your phone, keep your passwords secure by changing them routinely, and monitor your devices for any signs of strange activity.

Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.


ITRC Sponsors and Supporters 





Go to top


Need identity theft information on the go?

Download our ID Theft Help Mobile app.