Security experts from Cheetah Mobile have been monitoring an Android malware dubbed Hummer since August 2014. The researchers noticed a significant increase in the number of infections in 2016, with a daily average of 1.4 million affected devices.
The experts confirmed that the Hummer Android malware has become the mobile Trojan with the highest number of infections worldwide.
The Hummer Android malware has infected mobile devices worldwide; most of the infections were observed in India, Indonesia, Turkey, China, Mexico, the Philippines, Russia, Malaysia, Thailand and Vietnam.
The operators behind the threat used a C&C infrastructure composed of 12 domains linked to a Chinese email address.
The experts highlighted that such a high number of infected devices could allow the threat actors to earn hundreds of thousands of dollars per day.
“Security researchers claim that this trojan family is one of the largest ever, with millions of Android phones infected around the world. Based on Cheetah Mobile’s estimation, if the virus developer were able to make $0.50 (the average cost of getting a new installation) every time the virus installed an application on a smartphone, the group behind this trojan family would be able to make over $500,000 daily.” states the report published by the Chinese firm.
The malicious code includes rooting exploits that it uses in an attempt to gain administrator privileges on the mobile device, which makes it hard to remove even with a factory reset.
The malicious code installs unwanted applications on the victim’s mobile device and is also able to display ads.
“It will then frequently pop up ads and silently install unnecessary or unwanted applications (even malware) in the background, which consumes a lot of network traffic.” states the analysis.
The analysis of Hummer samples allowed the experts to discover that the threat is able to download more than 200 APKs and generate 2 Gb of network traffic in just a few hours.
“The researchers believe that this trojan family originated from the underground internet industry chain in China, based on the trojan codes that have been uploaded to an open-source platform by a careless member of the criminal group behind the trojan family,” concluded Cheetah Mobile.
(Security Affairs – Hummer Android malware, mobile)