Bad news: a malicious app has taken hold of about 10 million Android phones around the world, and it’s creepy.
Security specialist Check Point says the software, called HummingBad, can take root in your phone, collecting your personal data and making it act like you’ve clicked on ads that you haven’t.
Fortunately, there are steps you can take to see if HummingBad has roosted with you and started selling your information to the highest bidder. You can also get it off your phone, though the fix is only a few steps removed from “kill it with fire.” Best of all, you can make a change to keep yourself away from this danger in the future.
How to find out if your phone has HummingBad
We live in an age of malicious mobile apps, and cybersecurity companies have taken note. They’ve produced apps that can detect bad actors on your phone and flag them for you. It works a little like antivirus software on your computer. What’s more, some of these services can tell just by what an app does that it’s up to no good.
You have a range of options when it comes to this protective phone software, from Check Point’s own Zone Alarm to apps created by the likes of Lookout, AVG and Avast.
The tools for catching HummingBad on mobile phones are now public information, so any service worth its salt will be able to detect it.
How to kill HummingBad
If you find you’re the owner of one of the millions of infected phones (only 288,800 of which are in the US), you can get rid of it, but you’re not going to like the approach: factory reset.
Alternatively, if you’re a cybersecurity black belt with a specialty in malicious mobile apps, you could painstakingly remove it, said Dan Wiley, head of incident response at Check Point. But if you’ve read this far, you probably don’t have those skills.
So back up your files and contacts, write down your favorite apps, and then reset your phone.
How to prevent this from happening again
If you’re now looking at the generic wallpaper on your freshly reset phone, probably the last thing you want is a lecture. But Wiley has some advice you just might heed to keep this bad dream from becoming a recurring nightmare.
“The biggest thing I could say is, don’t download apps from untrusted stores,” Wiley said.
Most people in the US primarily buy their Android apps from the Google Play store, but in other countries, it’s more common to chance it by installing apps from other sources. These don’t have the same guarantees that come with apps that have gone through the Google vetting process, and can be shady.
That’s not enough to prevent this from ever happening again — hackers are clever like that — but it’s a good start.
[CNET]
I score this article 99.999999% for uselessness. THe only reason it doe not get 100% is that it got me to read it TWICE. This article is one of those condescending linkbait articles that when you think about it, gives you nothing really.
How do you tell if you have HummingBad? Any tool should tell you.
How do you kill HummingBad? Factory Reset.
How to prevent this from happening again? Don’t download apps.
No concrete way to tell if you have it, one DEFINITIVE way to remove it and no concrete way to prevent it happening? Since when was a score of 33.333333% a passing grade? Should we all just factory reset from time to time just to be on the safe side?
Please get us GOOD relevant articles. Try ZDNet instead of CNet.