Check Point researchers have spotted a new type of mobile malware that roots Android devices with the purpose of generating fraudulent ad revenue for its operator. HummingBad is a complex rootkit whose components are encrypted, in an attempt to avoid being flagged by security solutions as malicious. The malware launches a sophisticated chain attack via a silent attack vector that is triggered by common events on an Android device, including booting up, a minute passing on the devices clock, or the screen being on the clock.”]
Source: https://grahamcluley.com/android-malware-fake-revenue/