Chinese Ad Network's Monthly Profits From Android Malware Top $300,000
Over five months, a Chinese mobile advertising network has infected more than 85 million Android devices generating fake clicks and forcing more than 200 apps on victims for cash, according to security firm Check Point.A Chinese mobile advertising firm has reaped more than $300,000 a month by infecting 85 million Android smartphones with malware, known as HummingBad, and using its control over the devices to fake advertising clicks and install unwanted applications, according to research published by security firm Check Point Software Technologies. The firm, known as Yingmob, also legitimately sells mobile advertising, but its fraudulent efforts have reaped significant rewards for a group within the firm, whose name translates to "Development Team for Overseas Platform," Check Point stated in its report. The company's use of fraud nets more than 2.5 million clicks per day, totaling more than $3,000, and installs more than 50,000 fraudulent apps per day, totaling about $7,500. "We've seen highly targeted attacks that expose sensitive and valuable information," Michael Shaulov, head of mobility product management at Check Point, told eWEEK. "But none until HummingBad have had a clear strategy of hiding behind a legitimate business to generate the money needed to stay alive and, more worrisome, to grow." Check Point has been tracking the current operation since February, when the malware started spreading, according to data on a command-and-control server found by the company. However, in a July 7 blog post, mobile security firm Lookout argued that the attack is a variant of another piece of malware, Shedun, which appeared last November.
Both companies detected a massive spike in infected Android devices in the past month.