HummingBad

HummingBad is a family of Android malware that generates fraudulent advertising revenue and has the ability to obtain root access on older, vulnerable versions of Android. [1]

ID: S0322
Type: MALWARE
Platforms: Android

Version: 1.1

Techniques Used

DomainIDNameUse
MobileT1404Exploit OS VulnerabilityHummingBad can exploit unfixed vulnerabilities in older Android versions to root victim phones.[1]
MobileT1472Generate Fraudulent Advertising RevenueIn July 2016, HummingBad generated more than $300,000 per month in revenue from installing fraudulent apps and displaying malicious advertisements.[1]
MobileT1452Manipulate App Store Rankings or RatingsHummingBad can create fraudulent statistics inside the official Google Play Store.[1]

References