Researchers have spotted a new type of mobile malware that roots Android devices with the purpose of generating fraudulent ad revenue for its operator. Earlier this month, Andrey Polkovnichenko and Oren Koriat, two members of the Check Point Research Team, wrote in a blog post about how they detected the malware, which they have named “HummingBad,” as part of a drive-by download attack served by porn websites against two customers’ Android devices. Curious, they decided to dig into the malware and figure out what makes it tick. As it turns out, HummingBad is a complex rootkit whose components are encrypted, in an attempt to avoid being flagged by security solutions as malicious.
View full story
ORIGINAL SOURCE: Graham Cluley