After the scary Stagefright incident, you'd think Android would be a safer platform by now. Well, it's currently a victim of its own popularity as a new security threat in the form of the HummingBad malware is taking over your Android phone in the interest of making lots of money for cyberhackers.
Security company Checkpoint said in a lengthy blogpost that it had been monitoring a group of cybercriminals in China since February 2016 who have been making US$300,000 a month from fraudulent ad revenue. It's estimated that at least 10 million Android phones around the world, most from China or India, have been infected.
What HummingBad does is install a rootkit on an Android phone that gives it access to the point it can install its apps without needing the phone owner's permission. HummingBad's repositiories, according to Checkpoint, are hosted by Chinese mobile ad company Yingmob. Apparently, the company has a division solely dedicated to creating and disseminating its malware to Android phones all over the world. Talk about scary.
HummingBad's apps display a collective 20 million advertisements a day and installs 50,000 fraudulent apps daily. Seeing how HummingBad's rootkit has access to your most sensitive data, it's best you download either Checkpoint's own mobile software Zone Alarm or other competing mobile scanners such as Avast, AVG or Lookout.
If the software detects HummingBad, it should be able to remove it but if you want to make sure its traces aren't left in your system, best to back up your data quickly and do a factory rest to try and clean whatever traces HummingBad has left. It's serious enough to consider as you really don't want a bunch of hackers having backdoor access to your phone in any case, given how it stores tons of important details.
In the meantime, stick to downloading apps from verified sources such as the Google Play store and resist downloading dodgy APKs from websites that just might be malware central. Better safe than 'my phone belongs to hackers now' sorry.