Because what the world needed was more bad news about cybersecurity, it seems that 10 million phones have been infected with the preciously named Hummingbad malware. Once in residence, the malware scraps user personal data and makes it appear they have clicked on advertisements they have not.
The slightly better news for U.S. readers is that the vast, vast majority of the cases of Hummingbad originate abroad – fewer than 250,000 cases have been detected on phones operating in the U.S.
However, security experts have noted, there are likely many cases where users phones are infected and they simply don’t know it. But that is increasingly fixable. Hummingbad is now sufficiently exposed and well known that any number of security apps can detect it on a user’s phone – Checkpoint, Lookout, Avast, and AVG all make products capable of detecting it.
Which leads to some more bad news – for owners of infected phones. Because the malware tends to “roost” pretty expansively across the OS, generally the best way for a layman with an infected phone to fix the problem is to do a hard factory reset and wipe out everything on their device. Though some sources note it is possible to “painstakingly remove” the malware in its entirety by hand, most note that it is astonishingly difficult to do so.
As always, the experts instead recommend not getting one’s phone infected in the first place by avoiding apps from untrusted sources. Most U.S. Android users do their app downloading in the Google Play store – but third party stores are more common abroad and tend to have somewhat less rigorous vetting. This is why so many more phones are infected worldwide than in the U.S.
“The biggest thing I could say is, don’t download apps from untrusted stores,” noted Dan Wiley, Head of Incident Response at Checkpoint.
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More