Chinese malware called HummingBad has infected at least 10 million Android devices, according to security researchers.
Cybersecurity software maker Check Point released an analysis about the malware, which the firm has tracked since it was discovered in February. HummingBad gives cybercriminals administrative-level access to infected Android devices. It downloads apps and clicks adds without users’ knowledge, generating fraudulent advertising revenue of up to $300,000 per month, CNET reports.
The majority of the malware’s victims are in China and India, each with over 1 million cases. The U.S. is home to roughly a quarter of a million infected devices, according to the report.
Check Point says a team of developers at Yingmob, a multimillion-dollar advertising analytics agency based in Beijing, is behind HummingBad. The group can also sell access to and give away information from infected phones, the security firm says.
“We’ve long been aware of this evolving family of malware and we’re constantly improving our systems that detect it,” a Google spokesperson told TIME. “We actively block installations of infected apps to keep users and their information safe.”
According to Check Point, Apple devices have also been hit by similar malware, including some attacks from Yingmob using an iOS malware called Yispecter.
[CNET]
More Must-Reads from TIME
- Welcome to the Golden Age of Scams
- Introducing TIME's 2024 Latino Leaders
- How to Make an Argument That’s Actually Persuasive
- Did the Pandemic Break Our Brains?
- 33 True Crime Documentaries That Shaped the Genre
- The Ordained Rabbi Who Bought a Porn Company
- Why Gut Health Issues Are More Common in Women
- The 100 Most Influential People in AI 2024
Contact us at letters@time.com