Register to stream ATT&CKcon 2.0 October 29-30


HummingBad is a family of Android malware that generates fraudulent advertising revenue and has the ability to obtain root access on older, vulnerable versions of Android. [1]

ID: S0322
Platforms: Android
Version: 1.1

Techniques Used

Domain ID Name Use
Mobile T1404 Exploit OS Vulnerability HummingBad can exploit unfixed vulnerabilities in older Android versions to root victim phones. [1]
Mobile T1472 Generate Fraudulent Advertising Revenue In July 2016, HummingBad generated more than $300,000 per month in revenue from installing fraudulent apps and displaying malicious advertisements. [1]
Mobile T1452 Manipulate App Store Rankings or Ratings HummingBad can create fraudulent statistics inside the official Google Play Store. [1]