The security world is warning Indian Android mobile users that the malware HummingBad has been spreading fast across the globe and pose a threat to Indian mobile users also.
This malware which is reported to have infected over 1.4 billion Android devices worldwide and generates an ad revenue of over $300000 to its Chinese owner “Yingmob”, which is a Chinese mobile ad server company, which had already been linked to the development of malware targeting Apple iOS devices.
Once on a device, HummingBad is capable of exploiting a full range of paid services, including displaying mobile ads, creating fraudulent clicks from users’ devices, and installing additional fraudulent apps.According to Check Point, the apps display more than 20 million advertisements per day, and Yingmob achieves over 2.5 million ad clicks per day which translates into significant revenues. Yingmob’s average revenue per clicks (RPC) is $0.00125, making accumulated daily revenue from clicks is over $3,000. Added to revenues from fraudulent app downloads, which exceed $7,500 daily, Yingmob makes over $10,000 per day, more than $300,000 a month.
Under the Indian laws, such “Unauthorized introduction of a code is considered a computer contaminant and is an offence under Section 66 of ITA 2000/8”. In case any of the intruded mobile is a property of the Government of India, the intrusion can be considered as an offence under Section 66F which is considered as “Cyber Terrorism” under which “Life Imprisonment” is possible. Also in view of Section 75 of ITA 2000/8, Indian Courts have a jurisdiction to take on trial this offence and pronounce a verdict.
In order to discourage legitimate commercial companies getting into cyber crime as business, it is necessary that such activities are nipped in the bud. I therefore urge the Indian Government to lodge a formal complaint with evidence obtained from Check Point and prosecute YingMob for Section 66F offence in India and then take up the issue at International Levels.
This trend of mobile malware that tries to root into the system may also be commercially beneficial to the mobile companies since users tend to get fed up with the slowing down of their devices and often decide to buy a new mobile rather than put up with a persistent malware induced performance attrition. Probably the Chinese mobile Industry is not so unhappy therefore that there are companies like YingMob in their midst.
Besides, the growth of mobile ransomware poses unimaginable threat to the India’s Digital India program and if proper defensive action is not taken to prevent the YingMob type of companies from using its resources to commit international crimes, the future for Indian economy is in danger of being swamped by a Cyber war attack launched through the same mobiles through which HummingBad may be operating today as a relatively less harmful, performance reducing malware. Left unchecked it can become a monster in the days to come.
It is time India takes a lead in checking such malpractice and show to the world that such deceit does not pay.