HummingBad

HummingBad is a family of Android malware that generates fraudulent advertising revenue and has the ability to obtain root access on older, vulnerable versions of Android. [1]

ID: S0322
Type: MALWARE
Version: 1.1
Created: 25 October 2017
Last Modified: 21 April 2023

Techniques Used

Domain ID Name Use
Mobile T1404 Exploitation for Privilege Escalation

HummingBad can exploit unfixed vulnerabilities in older Android versions to root victim phones.[1]

Mobile T1643 Generate Traffic from Victim

HummingBad can create fraudulent statistics inside the official Google Play Store, and has generated revenue from installing fraudulent apps and displaying malicious advertisements.[1]

References