malwareIt has always been basic and common advice that smartphone users should not download apps outside of their official app stores. This is because these apps aren’t protected by the same security measures put into place by the likes of Apple or Google, meaning that some of these apps could really be hidden malware.

That being said if you ever needed a reason to be more careful with your downloads, you might be interested to learn that according to a report from security company Check Point, they have discovered (via CNET) a Chinese malware called “HummingBad” that has reportedly infected over 10 million Android devices to date.

According to Check Point, “The first component attempts to gain root access on a device with…rootkit [software] that exploits multiple vulnerabilities. If successful, attackers gain full access to a device. If rooting fails, a second component uses a fake system update notification, tricking users into granting HummingBad system-level permissions.”

The goal here is used to generate fraudulent advertising revenue that they claim makes its creators as much as $300,000 a month through forced downloading of apps and clicking of ads. Making it worse is the report that claims that Chinese company Yingmob is behind it. The company has positioned itself as a company that deals with advertising analytics and is said to be worth millions in China.

Check Point says, “Yingmob may be the first group to have its high degree of organization and financial self-sufficiency exposed to the public, but it certainly won’t be the last.”

Filed in Cellphones. Read more about , and .