Not less than 10 million Android smartphones were infected with a malware. The Android phones malware has the effect of generating fake clicks for advertisements.
In addition, the software surreptitiously installs applications and spies on how its victims browse.
Most of the phones affected by the malware are found in China.
Android phones malware noticed by security firms
Two security firms separately noticed the malware. The first one is Lookout, who refers to the software as Shedun. The other to notice is Checkpoint, who has named it Hummingbad.
Checkpoint said it had obtained access to the command-and-control servers that oversee infected phones which revealed that Hummingbad was now on about 10 million devices. China, India, the Philippines and Indonesia top the list of nations with most phones infected by the software.
How the malware works
Hummingbad is a rootkit and finds its way into the phone’s operating system so as to be masked. That also makes it possible for its controllers to determine how the smartphone function.
In other words, the malware gives its creators a remote control of your device. This way, they can click on ads to falsely popularize them. The group is also using this opportunity to spread programs that they have been paid to promote.
Moreover, the software is persistent, even after you carry out a factory reset. It defeats any attempts to uninstall by using the root privileges.
Who is the target?
The victims are mostly the users of earlier Android versions namely Kit Kat and Jellybean. The latest Android version is Marshmallow.
Google responded to the Android phones malware in a statement. The company said: “We’ve long been aware of this evolving family of malware and we’re constantly improving our systems that detect it. We actively block installations of infected apps to keep users and their information safe.”
The new Android version has handle about 108 vulnerabilities.