VERY IMPORTANT

For five months, Check Point mobile threat researchers had unprecedented, behind the scenes access to a group of cybercriminals in China. This group created a malware that takes over Android devices and generates $300,000 per month in fraudulent ad revenue. The group effectively controls an arsenal of over 85 million mobile devices around the world. With the potential to sell access to these devices to the highest bidder, Check Point researchers say similar malware campaigns may become a trend. In February 2016, Check Point researchers first discovered HummingBad, a malware that establishes a persistent rootkit on Android devices, generates fraudulent ad revenue, and installs additional fraudulent apps. Since then, researchers saw an increasing number of instances in the wild and have traced the attack campaign’s source.