Hackers can secretly install malicious apps, games, and pop-up adverts on your smartphone remotely in order to make large sums of money.
Security researchers at Cheetah Mobile have uncovered one of the world's largest and most prolific Trojan families, infecting millions of Android devices around the world.
Dubbed Hummer, the notorious mobile trojan stealthily installs malicious apps, games, or even porn apps onto victims' phones and yields its creators more than $500,000 (£375,252) on a daily basis.
First discovered in 2014 by Cheetah Mobile, Hummer gained traction in early 2016 when the Trojan family was infecting "nearly 1.4 Million devices daily at its peak" with 63,000 infections occurring daily in China, according to researchers at Cheetah Mobile Security Research Lab.
"This Trojan continually pops up ads on victims' phones, which is extremely annoying," researchers wrote in a blog post. "It also pushes mobile phone games and silently installs porn applications in the background. Unwanted apps appear on these devices, and they are re-installed shortly after users uninstall them."
Even after the number of phones infected has declined, Hummer is still infecting nearly 1 Million new devices per day, making it the most widespread trojan family in the world.
Every time Hummer installs a new app on the infected devices, its developers make 50 cents. Therefore, the group behind this Trojan is believed to be making more than half a million dollars (over $500,000) daily.
...and over $15 Million per month.
Here's How Hummer Works:
Once a device is infected with Hummer, the Trojan proceeds to root the phone to gain administrator privileges, which allows it to discreetly install unwanted apps, games, porn apps, and malware in the background.
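Silent background installs at this scale leave a network trace: one device fetching many APK files in a short period. The following is an added example, not code from Cheetah Mobile or the original article, that flags such devices in proxy logs; the log format (`epoch client_ip bytes url`), the thresholds and the sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from urllib.parse import urlsplit

# Assumed values: the report says "several hours"; tune all three to your baseline.
WINDOW_SECONDS = 6 * 3600
MAX_APKS = 20
MAX_BYTES = 500 * 1024**2

def is_apk(url):
    """True when the URL path (ignoring the query string) ends in .apk."""
    return urlsplit(url).path.lower().endswith(".apk")

def parse_line(line):
    """Parse one line of the assumed format: epoch client_ip bytes url."""
    ts, client, size, url = line.split(None, 3)
    return int(ts), client, int(size), url.strip()

def flag_devices(lines, window=WINDOW_SECONDS, max_apks=MAX_APKS, max_bytes=MAX_BYTES):
    """Return {client: (peak_apk_count, peak_apk_bytes)} for clients that exceed
    either threshold inside any sliding window. Lines must be time-ordered."""
    recent = defaultdict(deque)   # client -> (timestamp, size) of APK fetches in window
    in_window = defaultdict(int)  # client -> APK bytes currently in window
    flagged = {}
    for line in lines:
        if not line.strip():
            continue
        ts, client, size, url = parse_line(line)
        if not is_apk(url):
            continue
        q = recent[client]
        q.append((ts, size))
        in_window[client] += size
        while q and q[0][0] <= ts - window:  # evict fetches older than the window
            in_window[client] -= q.popleft()[1]
        if len(q) > max_apks or in_window[client] > max_bytes:
            count, volume = flagged.get(client, (0, 0))
            flagged[client] = (max(count, len(q)), max(volume, in_window[client]))
    return flagged

def sample_log():
    # Constructed data: 10.0.0.5 fetches 25 APKs of 10 MiB in 25 minutes;
    # 10.0.0.9 fetches two APKs a day apart plus one ordinary page.
    lines = [f"{1000 + i * 60} 10.0.0.5 10485760 http://cdn.example/pkg{i}.apk?c=1"
             for i in range(25)]
    lines += ["1000 10.0.0.9 5242880 http://store.example/a.apk",
              "1500 10.0.0.9 900 http://store.example/page.html?f=a.apk",
              "87400 10.0.0.9 5242880 http://store.example/b.apk"]
    return sorted(lines, key=lambda l: int(l.split()[0]))

if __name__ == "__main__":
    print(flag_devices(sample_log()))
```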
"In several hours, the trojan accessed the network over 10,000 times and downloaded over 200 APKs, consuming 2 GB of network traffic," the researchers noted.
Hummer is Almost Impossible to Uninstall
The bad news for affected Android users is that Hummer is extremely difficult if not impossible to get rid of, because the Trojan takes control of the phone at admin level, making it impossible for traditional antivirus tools to uninstall Hummer.
The dangerous part: It is impossible to delete the Trojan through a factory reset because Hummer comes equipped with up to 18 different rooting exploits that allow it to root itself on a phone, the researchers said.
Recently, Trend Micro researchers also detected a similar threat known as Godless that came with Android rooting exploits, affecting 90 percent of all Android devices available in the market today.
Hummer spreads itself using a number of different domain names and third-party app stores, tricking users into downloading malicious apps or fake versions of popular apps like Facebook or Twitter.
The researchers claim to have traced the source of the Trojan family to an "underground internet industry chain" in China, based on an email address linked to the domain names used by the malware.
India (154,248), Indonesia (92,889), Turkey (63,906), China (63,285) and Mexico (59,192) are the top five countries where Hummer has claimed the most victims, but the Trojan is also infecting Android users in the U.S. and Europe.
Google's Android mobile platform has been a primary target of attackers, so it's better for you to avoid downloading apps from outside of the Google Play Store or from untrusted sources. Moreover, always "review the developer" even when downloading apps from an official app store.