10M Android Devices Reportedly Infected With Chinese Malware

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
How does something like this get so bad? I can see hundreds, maybe thousands of Android devices, but ten million? That number is just crazy when you think about it.

More than 10 million Android devices have been infected by malware called HummingBad, according to cybersecurity software maker Check Point. Check Point, which has been tracking the malware since it was discovered in February, released an analysis of the threat on Friday.
 
Steve said:
How does something like this get so bad? I can see hundreds, maybe thousands of Android devices, but ten million? That number is just crazy when you think about it.

More than 10 million Android devices have been infected by malware called HummingBad, according to cybersecurity software maker Check Point. Check Point, which has been tracking the malware since it was discovered in February, released an analysis of the threat on Friday.
Click to expand...

If they have been following this since Feb why has it taken so long to say something? Waiting until it hit a larger number?
 
Impressive malware to say the least. Very interesting in how it works and what it can do. The whole drive by download thing though tells you everything you need to know. People doing bad things on their phones and not knowing what the hell they're doing. "Oh that's a pr0n site! Gimme pr0n!" "I need to play that $1.99 game so i'm just going to go pirate it."

It's also quite interesting that this Yingmob group has also authored malware for iOS that does kind of the same thing.

Overall I'm not too concerned about this malware. I'm more concerned about the number of people who fell for it though. That just makes you weep for humanity.
 
This is why I don't trust phone manufacturing in China.

Large OEM's should at the very least be receiving the assembled phones outside of China, and flashing them all with clean ROM's to make sure they aren't shipping brand new phones with malware to their customers.

This won't avoid the risk of a surreptitiously embedded flash or rom component that reinfects any ROM on boot, but that is more complicated to pull off, and thus less of a risk. Phone anufacturers need to put a statistically valid sample size of phones under a microscope and look for ANY component on the boards not a part of their design, as well as program any component on th ephone that is programmable OUTSIDE of China.
 
A person in India considers if someone stole something and got away with it to be free and clear, so generally they will just steal from someone else it is cultural thing I never understood I just avoid the country as most who live over here permanently end up in jail if they do that or they find they have friends if they do not behave like that. China has more of an issue with a revolt going on right now. People are refusing to do what the their government tells them to do. Not sure how long it will last but it is funny to watch one of the most harsh and dictatorial counties running perfectly normal by ignoring their leaders. I think I know what it is over but most people will say you have got to be kidding, right? Either way both countries have a major issue of the haves and have nots. The haves will be running the same devices the first world countries are the have nots run free phones on free wireless but the devices are made as cheap as possible so that when they see a phone and steal it the person goes and gets another cheap free phone. The probability is good all of those devices are still running ginger bread at this point, as they do not have the newtons to run the more complex operating systems. newtons being the amount of work done in a unit or time, or the work done per clock cycle.

Also watch out for a fake Mozilla update download. Mozilla updates using it's own process, or you download a new install of the client.
 
So no way to detect or remove this in the links other than some obvious sales pitch for Checkpoint software.
 
azuza001 said:
If they have been following this since Feb why has it taken so long to say something? Waiting until it hit a larger number?
Click to expand...
Just following the same schedule as phone carriers, wait a couple months then maybe say something about updates or things and such.
 
Missing malware stats for all other countries to a get proper comparison
 
Last edited:
The US has 288,800 infected devices. The UK and Australia each have fewer than 100,000 devices affected.

In other words, this is a non thing for US android markets. Couple that with the fact that nothing else security wise detects it supposedly and this feels like security scareware at its finest.
 
You guys seem to miss simple facts like there are estimated over 1100 million android phones in the world, so 10m = 0.91% of android phones are infected, not crazy at all, and with the unsafe standard practices of users on the most affected regions which may include attempts at installing market place hacks and the like, well, it isn't impressive at all.
 
Google shipping a fundamentally broken operating system to carriers who don't provide timely (or any) security updates while users can install applications that haven't been vetted for malware is probably why.

Waiting for Android’s inevitable security Armageddon

Same crap that's been happening since the beginning. Android is the biggest vector for malware since Flash and Windows XP
 
Stupid users trying to get things for free are the biggest vector for malware. If you read the declarations of the Check Point fella it is exactly that way how the malware was distributed. Sure the OS could be safer, but stupid users are always the weakest link.
 
You must log in or register to reply here.
Back
Top