A year ago, Android malware was discovered, known as HummingBad, which infected more than 10 millions of devices worldwide. Este año, a new variant of that malware has once again slipped into Google Play Store, under the appearance of regular apps.
The infected apps, which have already been removed from the Google store, have been downloaded by 12 million users.
Unlike the original malware, this new variant does not require administrator permissions or rooten el dispositivo, so any user who has installed one of the infected apps, has their phone compromised.
The aim of HummingWhale, which is the name of this new strain, it is about installing malicious applications to bombard users with advertisements. In this way, the cybercriminal makes a juicy sum of money (HummingBad, the original, reached the spectacular figure of 300.000 dollars per month).
In addition, to give credibility to the applications and make them appear legitimate, the malware uses the user's account to post fake positive reviews on the Google store and thus achieve better positioning in the search results.