Chevron icon It indicates an expandable section or menu, or sometimes previous / next navigation options. HOMEPAGE

Android malware infects 85 million devices

This story was delivered to BI Intelligence Apps and Platforms Briefing subscribers. To learn more and subscribe, please click here.

A new malware has infected 85 million Android smartphones, generating around $300,000 each month in fraudulent ad revenue for its creators, according to Check Point.

The malware, dubbed “HummingBad,” was first spotted in February and likely sprouted from a company in China. It infects Android devices undetected by setting up a permanent rootkit — a set of software tools that enable an unauthorized user to gain control of a computer system.

Android OS
BII

But security issues on Android are not new. This is because the third-party device makers and network operators that are responsible for deploying security patches when vulnerabilities are discovered, are often slow to provide updates. Subsequently, the Android ecosystem is fraught with security flaws, which results in a number of setbacks for Android:

  • It weakens platform security: Android devices receive only 1.26 updates per year on average, according to a study from the University of Cambridge. As a result, known vulnerabilities often go unpatched for extended periods of time. For example, patches for the Stagefright software bug that affected Android devices in 2015 only reached a fraction of Android's active user base of 1.4 billion. 
  • It makes it more difficult to innovate: Google regularly adds new features to its software, but new capabilities can work only if carriers and OEMs roll out updates for users. This makes it difficult for Android users to receive the same experience as one another and can damage the overall image of the platform.
  • It creates more work for app developers: Fragmentation is becoming a much larger issue for app developers because it is time-consuming and expensive to maintain an app for several different Android-operating systems. 

Google has taken numerous steps to make the Android ecosystem more secure for users. For example, the company announced in May that it would begin publicly ranking phone makers that use its OS, but lag on rolling out software updates. Nevertheless, security in the Android ecosystem will only significantly improve if device manufacturers and network operators make an effort to deploy updates in a timelier manner.

To receive stories like this one directly to your inbox every morning, sign up for the Apps and Platforms Briefing newsletter. Click here to learn more about how you can gain risk-free access today.

Mobile Apps and Platforms Android
Advertisement
Close icon Two crossed lines that form an 'X'. It indicates a way to close an interaction, or dismiss a notification.

Jump to

  1. Main content
  2. Search
  3. Account