Security researchers at Cheetah Mobile Security Research Lab believe they could have discovered one of the largest trojan families of all time, affecting millions of Android devices around the world when it was in full swing.
The mobile phone trojan family, known as “Hummer,” gained traction in early 2016 when it was infecting “nearly 1.4 million devices daily at its peak,” according to Cheetah Mobile. Hummer is thought to have originated in China relative to underground industry there, based on an email address linked to the domains used, and it saw 63,000 daily infections in China alone.
If the numbers are accurate, the Hummer trojan family could be one of the biggest ever. While the total number of new infections is dropping off, the average number of infected devices is 1,190,000—a larger number than any other mobile phone trojan. That’s bad news for Android users, but it means big bucks for the bad guys.
So, what exactly does the Hummer trojan do? For starters, it will root the phone (basically unlocking the OS) to gain admin privileges. This leads to frequent pop-up ads and background installation of unwanted apps, games, pornographic applications, and malware. Even if a user uninstalls these apps, the trojan will reinstall them.
So, what exactly does the Hummer trojan do? For starters, it will root the phone (basically unlocking the OS) to gain admin privileges. This leads to frequent pop-up ads and background installation of unwanted apps, games, pornographic applications, and malware. Even if a user uninstalls these apps, the trojan will reinstall them.
Perhaps the most astonishing information were the results of Cheetah Mobile’s test on the Hummer trojan. “In several hours, the trojan accessed the network over 10,000 times and downloaded over 200 APKs, consuming 2 GB of network traffic.” If your carrier throttles your data, you should hope and pray that you don’t have this trojan.
The top five most-affected countries, by number of infections, were as follows:
- India – 154,248
- Indonesia – 92,889
- Turkey – 63,906
- China – 63,285
- Mexico – 59,192
The 3 big takeaways of Hummer
- The mobile trojan family Hummer could be one of the largest ever, with the number of infected devices hitting 1.2 million.
- Hummer roots an Android device to gain admin control and installs unwanted apps, games, porn apps, and malware. In a few hours, it accessed the network more than 10,000 times and used 2GB of network data.
- Hummer cannot be removed even by factory resetting a device. Cheetah Mobile’s Killer app supposedly will remove the trojan, or users can flash their phone to remove it.