The world got a painful reminder of their fallibility last year when a group of hackers managed to infect millions of Android devices by successfully dodging Google’s security and uploading poisoned versions of popular apps with a malware program called “Hummingbad.”
At peak infection, the Hummingbad app was generating more than $300,000 a month in profits for the hackers.
Once Google was made aware of the issue, it pounced and began the work of identifying the poisoned apps and cleaning up the Play Store to make it safe again.That worked, but only for a while. The hackers are back with a new and improved version, dubbed “Hummingwhale,” which utilizes cutting edge technology and coding techniques to make it even harder to spot and stop. According to Android Headlines, “HummingWhale is much the same, except it hides its malicious code from the Google Play Store and Google’s on-device malware filters with a bit of clever code manipulation to do all the things that HummingBad’s rootkit did.”
As before, they’ve managed to get around the Play Store’s normally robust security and get the apps where they can be downloaded by the consuming public. Once again, the money is rolling in as millions of users are now re-infected.
Google is again moving swiftly and decisively to shut this latest strain down, but the trend is impossible to ignore. The hackers are relentless, and their attacks are increasing in complexity and sophistication with each passing year.
One thing we can be sure of is this: even if you and your employees managed to avoid getting infected by Hummingwhale, there’s always a new threat on the horizon, and it’s only a matter of time before someone in your organization gets careless and winds up infecting one of the devices they use to connect to your business network. With luck, it will only display a few annoying ads, but as you know, it could be very much worse than that.