While advertising agencies strive to leave no stone unturned in the effort to spread their clients’ messages, could malware be just as lucrative?
Motherboard is reporting that cybersecurity company Check Point has uncovered information on a Chinese group called Yingmob that has disseminated mobile malware in widespread fashion.
Most interestingly and alarmingly, the company is running the scam in tandem with what is described as an apparently legit ad analytics operation.
“Listed as based in Beijing’s Chaoyang District, Yingmob, a subsidiary of MIG Unmobi Technology Inc., markets itself like any other advertising firm,” explains Motherboard’s Joseph Cox. “Its professional-looking website claims its easy-to-deploy ads support text, pictures, and video, and don’t affect the user experience. It offers pop-up, sidebar, and in-app adverts.”
However, Check Point’s report claims that part of the company—the “Development Team for Overseas Platform,” which employs a staff of 25 people—is responsible for malware purportedly named “HummingBad.”
Cox notes that estimates indicate that Yingmob is raking in a ridiculous $300,000 a month from its campaign, which enables malware to place ads into infected mobile devices. The subsequent clicks generate ad revenue.
For now, most of HummingBad’s victims are in China and India, although thousands of infections have also been seen in Turkey, Mexico, Russia, and, yes, the United States.