Select a region
Nearly 100,000 Android devices in the UK have been infected with a computer virus called HummingBad which can gain access to and control phones and tablets, a cyber security firm has claimed.
Cyber security software maker Check Point says it has been analysing HummingBad since it discovered it in February and that it has now affected 10 million Android devices globally.
The security firm claims the malicious software (malware) was created by a group in China called Yingmob, which runs alongside a legitimate advertising analytics company.
It said the virus works by targeting a user’s phone when it is used to visit certain websites.
“If successful, attackers gain full access to a device,” the security firm said in its report.
“If rooting [infection] fails, a second component uses a fake system update notification, tricking users into granting HummingBad system-level permissions.”
This means that the malware now controls the device and uses its control of permissions to force it to download apps and click on adverts to generate fraudulent advertising revenue, the firm says.
Check Point said the attackers may also be able to sell access to the devices they compromise, giving away the information that is stored on them.
Critics of Google’s Android platform have said in the past that the open nature of the software and its use by a range of manufacturers causes “fragmentation” and makes the platform less secure than Apple’s mobile operating system, iOS.
However, the previously secure iPhone has allegedly been compromised by malicious apps in China and Taiwan in the past year – in attacks which Check Point claims were carried out by the same Yingmob group.
“Check Point believes this dangerous trend will escalate as other groups learn from Yingmob and find new ways to achieve the independence they need to launch larger and more sophisticated attack campaigns in the future,” the security firm said in its report.
In a statement, Google said: “We’ve long been aware of this evolving family of malware and we’re constantly improving our systems that detect it. We actively block installations of infected apps to keep users and their information safe.”
