1. Home
  2. Software
  3. HummingBad

HummingBad

HummingBad is a family of Android malware that generates fraudulent advertising revenue and has the ability to obtain root access on older, vulnerable versions of Android. [1]

ID: S0322
Type: MALWARE
Platforms: Android
Version: 1.1
Created: 25 October 2017
Last Modified: 11 December 2018
Mobile Layer
download view

Techniques Used

Domain ID Name Use
Mobile T1404 Exploit OS Vulnerability

HummingBad can exploit unfixed vulnerabilities in older Android versions to root victim phones.[1]
Mobile T1472 Generate Fraudulent Advertising Revenue

In July 2016, HummingBad generated more than $300,000 per month in revenue from installing fraudulent apps and displaying malicious advertisements.[1]
Mobile T1452 Manipulate App Store Rankings or Ratings

HummingBad can create fraudulent statistics inside the official Google Play Store.[1]

References

  1. Dan Goodin. (2016, July 7). 10 million Android phones infected by all-powerful auto-rooting apps. Retrieved January 24, 2017.