An Android-based malware campaign masterminded from China has snared as many as 85 million Android devices and is making the gang behind it an estimated $1m every quarter.
Security software and services company Check Point claimed that it has had its eye on the Yingmob gang for five months, describing it as sophisticated, well-staffed and highly profitable.
Its tool of choice is a piece of malware called HummingBad, and the group works alongside an official advertising analytics company, according to Check Point's From HummingBad to Worse report (PDF).
"HummingBad is a malware Check Point discovered in February 2016 that establishes a persistent rootkit on Android devices, generates fraudulent ad revenue, and installs additional fraudulent apps," Check Point explained in a blog post.
"Yingmob runs alongside a legitimate Chinese advertising analytics company, sharing its resources and technology. The group is highly organised with 25 employees that staff four separate groups responsible for developing HummingBad's malicious components."
Parts of the malware resemble YiSpecter, which went after Apple's iOS users and mostly affected people in China. Check Point said that this is no coincidence and that the source is the same, suggesting that the gang is happy to pee on its own doorstep.
"Yingmob uses HummingBad to generate $300,000 a month in fraudulent ad revenue. This steady stream of cash, coupled with a focused organisational structure, proves that cyber criminals can easily become financially self-sufficient," added the firm.
"Emboldened by this independence, Yingmob and groups like it can focus on honing their skills. For example, groups can pool device resources to create powerful botnets, they can create databases of devices to conduct highly targeted attacks, or they can build new streams of revenue by selling access to devices under their control to the highest bidder."