Mobile Malware Threat Grows As HummingBad Infection Reaches 85m

The latest ‘Threat Index‘ from security specialists Check Point makes for grim reading, especially for Android users, with warnings that HummingBad has returned to the overall top-three threats across all platforms, and has now infected a staggering 85 million devices globally.

And to make matters worse, Check Point said that its latest threat data research has revealed a 61 percent increase (almost two thirds) in the number of active malware families in the first half of 2016.

Indeed, in its June Threat Index report, Check Point detected 2,420 unique and active malware families attacking business networks in June, representing a 21 percent increase since April. Business networks and mobile devices are the most threatened, highlighting the scale of risk faced by internal IT teams.

Android Infections

Check Point said that Conficker worm remained the most commonly used malware in June, accounting for 14 percent of recongised attacks. The Sality virus accounted for 10 percent of all attacks, and due to its complexity, is consider to one of the formidable malware to- date.

But mobile malware is an increasing concern, as HummingBad is in third position, and thanks to its infection of 85 Android devices, is estimated to be generating $300,000 (£227,920) per month in fraudulent ad revenue.

HummingBad is thought to have been developed in China, and last month security firm Lookout warned that it controls around 10 million devices.

The malware, which is attached to infected versions of Facebook, Twitter, WhatsApp and Okta’s enterprise single sign-on app, installs a rootkit that allows it to remain in place even after a factory reset, Lookout said.

It puts into place applications that generate fraudulent advertising revenue, as well as other fraudulent apps.

The malware is believed to be developed by Chinese organisation called Yingmob, a highly organised group with 25 employees staffing four divisions that develop the malware’s components.

Mobile Malware

Other mobile malware causing concern is Iop, which is Android malware that installs applications and displays excessive advertising by using root access on the mobile device. The amount of ads and installed apps makes it difficult for the user to continue using the device as usual, warned Check Point.

But it is not just Android. Apple The third biggest threat to business mobile devices is XcodeGhost, which is a compromised version of the iOS developer platform, Xcode. It apparently injects malicious code into any app that was developed and compiled using it. The injected code sends app info to a C&C server, allowing the infected app to read the device clipboard.

“The sustained, significant increase in the number of active malware families targeting business networks during the first half of 2016 highlights the escalating threat levels that organisations are currently facing,” said Nathan Schuchami, head of threat prevention, Check Point

“Hackers are putting extensive effort into creating new, sophisticated malware families to defraud companies and steal data,” said Schuchami. “Organisations need advanced threat prevention measures on their networks, endpoints and mobile devices to stop these threats before they fall victim to them.”

Quiz: What do you know about cybersecurity in 2016?

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Reddit Introduces AI Search Tool

AI-powered Reddit Answers allows users to access information based on Reddit posts, in move to…

13 hours ago

Former OpenAI Researcher Raises $40m For AI Voice Start-Up

Former co-developer of voice mode for OpenAI's ChatGPT launches WaveForms AI to make AI voice…

13 hours ago

OpenAI Releases Sora Video-Generation Tool

OpenAI releases Sora AI video-generation tool to ChatGPT Plus and Pro subscription users amidst concern…

14 hours ago

Tesla To Use Human Back-Up Drivers For Cybercab Fleet

Tesla to initially use human back-up controllers for company-owned robotaxi fleet at launch next year,…

14 hours ago

China Opens Nvidia Antitrust Probe After US Sanctions

Chinese government opens antitrust probe into Nvidia's $7bn acquisition of Mellanox, in move seen as…

15 hours ago

Google Announces Quantum Chip Error ‘Breakthrough’

Google Willow quantum chip makes significant improvements in error correction, moving quantum computing closer to…

15 hours ago