fraud

Hummer: An unexpected aspect of the rootkit

The key danger is the method the Hummer uses to achieve its goals. It roots a device and gains administrator’s privileges to install unauthorized software of its own discretion

Alexander Ermakovich
July 26, 2016

As you know there are great lots of cyber threats, all of them harmful in different ways. Financial kinds of malware are the most tangible for “end users” (if victims may be called that way). Firstly, they directly “pick pockets”, and secondly, banks get affected by them, too, not just customers suffer. But should we pay less attention to the other kinds of malware? We believe we must not.

For example, the Hummer Trojan has recently hit the headlines quite often. Actually it has nothing in common with financial malware. Hummer’s authors make money by installing unwanted applications and displaying ads. The question is what is the danger for the banks here.

Hummer: An unexpected aspect of the rootkit. #fraud #trojan
Tweet

Actually the key danger is the method the Hummer uses to achieve its goals. It roots a device and gains administrator’s privileges to install unauthorized software of its own discretion. Thus it gets unlimited access to the operating system with an opportunity to bypass additional security measures, to substitute legitimate applications for the fake ones, to make malicious changes to the installed programs. All that happens absolutely without the user’s knowledge.

The situation is complicated by the fact that the notorious Hummer has many ways of rooting and is very hard to get rid of. And it is not easy to detect if it infected a mobile device prior to the installation of a security solution. The rooted phone becomes vulnerable to multiple threats, not necessarily directly related to the Hummer Trojan. And attackers would surely take advantage of this vulnerability including attempts to access users’ bank accounts.

Hummer roots a device and gains administrator’s privileges to install unauthorized software of its own discretion.
Tweet

Of course, our solutions successfully detect and prevent any attempts of infection by various modifications of this Trojan – in case they are installed on the client’s mobile device. But banks had better act themselves and protect their own mobile apps by means of Kaspersky Lab’s technologies. Kaspersky Fraud Prevention for Mobile solution provides any banking application with a broad set of protection mechanisms that prevent the loss of funds even if the Hummer has already rooted the device. Firstly, KFP reveals installations of strange unwanted programs, and secondly it notifies the bank security system of a user with the infected device.

More details on Kaspersky Fraud Prevention here.

No More Ransom: A global threat requires international cooperation

Kaspersky Lab, the Dutch National Police, Europol, and Intel Security are joining forces to launch a new initiative to battle ransomware worldwide. The initiative is called “No More Ransom.”

Privacy & Kids

TARGETED SECURITY SOLUTIONS

Hummer: An unexpected aspect of the rootkit

Is it the boss – or is it a fraudster? Scams disguised as urgent orders from top brass

Pig butchering: large-scale cryptocurrency fraud

No More Ransom: A global threat requires international cooperation

Tips

Advertisers sharing data about you with… intelligence agencies

Watch the (verified) birdie, or new ways to recognize fakes

Switching to Kaspersky: a step-by-step migration guide

Is it the boss – or is it a fraudster? Scams disguised as urgent orders from top brass

Sign up to receive our headlines in your inbox

Home Products

Small Business Products

Medium Business Products

Enterprise Solutions

Securelist

Eugene Personal Blog

Encyclopedia