Google’s Android operating system has some pretty serious security issues as of late. The HummingBad malware essentially roots your Android smartphone device.
The malware establishes a persistent rootkit on Android devices, generates fraudulent ad revenue, and installs additional fraudulent apps. HummingBad installs more than 50,000 fraudulent apps per day and displays more than 20 million advertisements per day.
According to a research report from Check Point Software Technologies, “the HummingBad campaign runs alongside a legitimate advertising analytics business, sharing their technology and resources, enabling it to control tens of millions of Android devices [and] generate $300,000 a month.”
Google pushes out monthly security updates to the Android operating system however phone carriers and manufacturers haven’t held up their end of the bargain with timely update roll outs. According to a Bloomberg Technology report, “the most challenging discussions are with carriers, which can be slow to approve updates because they test them thoroughly to avoid network disruption. Verizon Communications Inc.’s tests can take months, according to a former employee of the largest U.S. wireless provider. It has shaved a few weeks off at the behest of Google and customers, the person said. Shortening it further is difficult because Verizon supports so many different Android phones, which must be tested before updates go live, the person added.”
How to remove Android malware
Most people won’t be able to determine if their phone has been compromised. So how do I know if my phone has been rooted, you may ask. Vancouver Gadgets would recommend downloading and scanning their smartphones with Lookout Security and Antivirus.
Note that general consumers will be most likely to be affected by the issue since many businesses use mobile device management (MDM) software to lock down smartphone settings. If you have a corporate managed device please check with your IT department before downloading and installing any application from the Google Play Store.
To be safe from future malware issues be sure that app installations outside of Google Play are not allowed on your device by following these steps:
- Scroll down from top of phone
- Click the Settings “cog”
- Scroll down and click Security
- Find “Unknown Sources” and make sure the option to Allow installation of applications from both trusted and unknown sources is NOT checked. If you have a corporate managed device you may find this option is grayed out or unavailable.
It is believed the organization behind the malware is based in China at Yingmob, a Chinese mobile ad server company. As reported by Motherboard, “… based in Beijing’s Chaoyang District, Yingmob, a subsidiary of MIG Unmobi Technology Inc., markets itself like any other advertising firm. Its professional-looking website claims its easy-to-deploy ads support text, pictures, and video, and don’t affect the user experience. It offers pop-up, sidebar, and in-app adverts.”
If you need help resolving Android malware issues please let us know and leave a comment below.