Android HummingBad Malware Back, Now Called HummingWhale

February 14th, 2017

It is an article of faith that Google’s Play Store and Apple’s iStore are the two safest sources for downloading apps. As good as their security routines are, however, they’re not perfect, and sometimes, things slip through the cracks.

The world got a painful reminder of their fallibility last year when a group of hackers managed to infect millions of Android devices by successfully dodging Google’s security and uploading poisoned versions of popular apps with a malware program called “Hummingbad.”

At peak infection, the Hummingbad app was generating more than $300,000 a month in profits for the hackers.

Once Google was made aware of the issue, it pounced and began the work of identifying the poisoned apps and cleaning up the Play Store to make it safe again.

That worked, but only for a while. The hackers are back with a new and improved version, dubbed “Hummingwhale,” which utilizes cutting edge technology and coding techniques to make it even harder to spot and stop.

As before, they’ve managed to get around the Play Store’s normally robust security and get the apps where they can be downloaded by the consuming public. Once again, the money is rolling in as millions of users are now re-infected.

Google is again moving swiftly and decisively to shut this latest strain down, but the trend is impossible to ignore. The hackers are relentless, and their attacks are increasing in complexity and sophistication with each passing year.

One thing we can be sure of is this: even if you and your employees managed to avoid getting infected by Hummingwhale, there’s always a new threat on the horizon, and it’s only a matter of time before someone in your organization gets careless and winds up infecting one of the devices they use to connect to your business network. With luck, it will only display a few annoying ads, but as you know, it could be very much worse than that.


Leave a comment!

Your email address will not be published. Required fields are marked *