According to Check Point, behind HummingBad is a group of developers from Yingmob, a legitimate advertising analytics agency based in China.
HummingBad began as a ‘drive-by download attack,’ in which mobiles were infected when people visited websites. The access is used to generate fraudulent advertising revenue, apparently up to USD 300,000 per month, through the forced downloading of apps and clicking of ads.
The bulk of victims are in China and India, with 1.6 million and 1.35 million cases respectively. The Philippines, Indonesia and Turkey are toward the top of the list, too. The US has 288,800 infected devices. The UK and Australia each have fewer than 100,000 devices affected.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now