Of the 10 million Android devices that Check Point has identified as being infected with malware called HummingBad, only 288,000 infected devices are in the U.S. Check Point, a venerable software security company, says that Hummingbad was developed by an otherwise legit Chinese software maker called Yingmob.
The malware takes over phones during website visits and is used to generate, according to Checkpoint, more than $300,000 a month in fraudulent advertising revenue. Potential vulnerabilities are far greater than the generation of false ad sales, as HummingBad acquries root access to the devices. The malware is capable of traveling borders easily, but it is so far most prevalent in China, India, Philippines, Turkey and Indonesia. China and India account for nearly 3 million HummingBad cases between them, more ten times the infections that have been seen in the U.S.