Recently, reports of malware on mobile phones have become more and more widespread and a new instance of Android malware is on the prowl for your information.

The malware in question is HummingBad, which was detected by software firm, CheckPoint. According to the Checkpoint, HummingBad installs fraudulent apps on an Android phones. This is reportedly meant to increase ad-revenue gained from serving adverts in these “apps”.

While that sounds innocent enough, the malware installs a rootkit on a person’s phone. This gives the software unfettered access to the smartphone and allows attackers to do whatever they please. This includes logging keystrokes and accessing emails, encrypted or not.

How do you get HummingBad?

CheckPoint says the malware formed part of a drive-by download attack. This means that should you simply visit a site serving the malware it would have infected your handset.

The firm goes on to say that some websites serving adult content were found to be serving the malicious payload.

How do I know if I have HummingBad?

While the app does ask the user to allow actions, you may miss them as they come through as “system update” requests. What you’re going to need is an anti-virus app. We recommend Kaspersky Internet Security or Avast Mobile Security and Anti-virus.

Once you’ve downloaded or updated the software you need to start scanning your handset. This might take a while depending on how full your handset’s storage is.

How do I remove HummingBad?

At this point, if your phone is infected the only way to remove HummingBad is to factory reset your phone.

Make sure you have backups of all your important files and then go to Settings scroll to Backup & Reset and select the option Factory data reset. Follow the prompts and wait for your phone to revert to its factory settings.

At this point your phone should be HummingBad free and you can start installing your apps, synchronising your contacts and transferring any content you had stored on the phone.

We suggest running an additional scan once you’ve transferred files back to your phone, just in case one of those files happens to be infected.

Staying safe in future

To prevent this from happening again, we recommend only visiting trusted websites on your mobile. We also recommend only ever downloading apps through the Google Play store. Obtaining apps from a source that isn’t Google (side-loading), which scans and verifies each app on the store opens you up to dangerous software such as HummingBad.

We should also point out that this is no guarantee of safety. Cybercriminals are becoming smarter and their methods more complex. The best course of action is to be vigilant and cautious of where you’re going and what you’re downloading online.

[Source – Check Point] [Image – CC BY SA Christiaan Colen]



Brendyn Lotz writes news, reviews, and opinion pieces for Hypertext. His interests include SMEs, innovation on the African continent, cybersecurity, blockchain, games, geek culture and YouTube.