Hackers could be earning £250,000 from your smartphone
Android malware, dubbed HummingWhale, has been discovered in the Google Play Store – hidden within 20 apps that were downloaded several million times by unsuspecting users.
The new malware uses “cutting edge techniques” to perform fraud with terrifying efficiency.
Online security company Check Point published a new blog entry about the HummingWhale malware.
HummingWhale "includes new, cutting edge techniques that allow it to perform ad fraud better than ever before," the security firm writes.
The new malware is based on the HummingBad malware first unveiled in mid-2016 and spread through third-party app stores that affected more than 10 million victims.
HummingBad was so widespread that in the first half of 2016 it reached fourth place in "the most prevalent malware globally" list, and dominated the mobile threat landscape with over 72 per cent of attacks.
Google Play Store reveals thousands have been tricked into downloading the fraudulent apps
Estimates at the time suggested the HummingBad malware was generating $300,000, almost £250,000 converted, per month in revenue.
And HummingWhale could be generating a similar level of revenue.
The malware earns money for cybercriminals by hijacking the advertisements and registering fraudulent views.
Check Point writes, "First, the Command and Control server (C&C) provides fake ads and apps to the installed malware, which presents them to the user.
"Once the user tries to close the ad, the app, which was already downloaded by the malware, is uploaded to the virtual machine and run as if it is a real device.
"This action generates the fake referrer id, which the malware uses to generate revenues for the perpetrators."
Android 7.0 Nougat – Seven of the best features in Google's new operating system
Sat, August 20, 2016
Android Nougat boasts a number of new features, including the ability to run two apps side-by-side, better battery life and improved encryption for personal data.
1 of 7
Nougat boasts a number of new features, including the ability to run two apps side-by-side, better battery life and improved encryption for personal data
Aside from generating revenue for the cybercriminals, HummingWhale is also capable of conducting a number of other malicious activities.
The malware is able to display illegitimate ads on a device, and hiding the original app after installation.
The apps infected with HummingWhale also attempt to raise their reputation in the Google Play Store by using fraudulent ratings and comments to encourage users to download them.
Check Point has contacted Google with its research, who removed the fraudulent apps identified by the security firm from the Google Play Store.
If you have downloaded any suspicious apps recently, it could be worth running an anti-virus on your device.
Those who believe they have been infected by malware should check out this Express.co.uk guide.