Security researchers at Cheetah Mobile Security Research Lab believe they could have discovered one of the largest trojan families of all time, affecting millions of Android devices around the world when it was in full swing.
The mobile phone trojan family, known as "Hummer," gained traction in early 2016 when it was infecting "nearly 1.4 million devices daily at its peak," according to Cheetah Mobile. Hummer is thought to have originated in China relative to underground industry there, based on an email address linked to the domains used, and it saw 63,000 daily infections in China alone.
If the numbers are accurate, the Hummer trojan family could be one of the biggest ever. While the total number of new infections is dropping off, the average number of infected devices is 1,190,000—a larger number than any other mobile phone trojan. That's bad news for Android users, but it means big bucks for the bad guys.
More about IT Security
Cybersecurity is a key issue, with digital forensics teams arming organizations against the threat of data breaches and network security. Take our survey and get a free copy of the research report.
According to Cheetah Mobile's blog post: "if the virus developer were able to make $0.50 (the average cost of getting a new installation) every time the virus installed an application on a smartphone, the group behind this trojan family would be able to make over $500,000 daily."
So, what exactly does the Hummer trojan do? For starters, it will root the phone (basically unlocking the OS) to gain admin privileges. This leads to frequent pop-up ads and background installation of unwanted apps, games, pornographic applications, and malware. Even if a user uninstalls these apps, the trojan will reinstall them.
Perhaps the most astonishing information were the results of Cheetah Mobile's test on the Hummer trojan. "In several hours, the trojan accessed the network over 10,000 times and downloaded over 200 APKs, consuming 2 GB of network traffic." If your carrier throttles your data, you should hope and pray that you don't have this trojan.
The top five most-affected countries, by number of infections, were as follows:
India - 154,248
Indonesia - 92,889
Turkey - 63,906
China - 63,285
Mexico - 59,192
The latest evidence suggests that the Hummer family has upwards of 18 different root methods. Because of the kind of control it can gain over a device, normal anti-virus tools won't clear it out. Even worse, performing a factory reset on the device won't get rid of it either.
So, how can you get rid of it? Cheetah Mobile claims its trojan Killer app will remove Hummer, or users flash their device to get rid of it as well.
The 3 big takeaways for TechRepublic readers
The mobile trojan family Hummer could be one of the largest ever, with the number of infected devices hitting 1.2 million.
Hummer roots an Android device to gain admin control and installs unwanted apps, games, porn apps, and malware. In a few hours, it accessed the network more than 10,000 times and used 2GB of network data.
Hummer cannot be removed even by factory resetting a device. Cheetah Mobile's Killer app supposedly will remove the trojan, or users can flash their phone to remove it.
Tech Republic