About 10 million Android devices globally, including 1.3 million in India, are estimated to have been infected by HummingBad malware, a report by security firm Check Point said.
As per the report, a group of cybercriminals in China - Yingmob - created the malware that takes over Android devices and generates USD 300,000 (over Rs 2.02 crore) per month in fraudulent ad revenue. Check Point discovered the malware in February.
The malware, it said, establishes a persistent rootkit on Android devices, generates fraudulent ad revenue and installs additional fraudulent apps.
More From This Section
Check Point estimates that even though 10 million smartphones have been affected by the malware, over 85 million users have downloaded the group's apps.
"Yingmob uses HummingBad to control 10 million devices globally and generates USD 300,000 per month in fraudulent ad revenue," it said.
An estimated 1.6 million devices in China, 1.35 million in India and 5,20,901 devices in the Philippines have been infected apart from those in countries like the US, Pakistan, Romania, Algeria and Ukraine, the report added.
Using the infected devices, a group can create a botnet, carry out targeted attacks on businesses or government agencies, and even sell the access to other cybercriminals on the black market, it said.
"Any data on these devices is at risk, including enterprise data on those devices that serve dual personal and work purposes for end users... Emboldened by financial and technological independence, their (cybercriminals') skillsets will advance - putting end users, enterprises, and government agencies at risk," it added.
Interestingly, most of the affected Android devices are running old versions. About 50 per cent of the affected devices run Android KitKat, while 40 per cent had JellyBean running on their smartphones.
About one per cent have the latest Android Marshmallow operating system, the report said.