A new smartphone malware that has infected 25 million devices around the world, including 15 million in India has been recently discovered by a team of cyber security specialists. Being dubbed as "Agent Smith”, the malware camouflages itself as a Google-related application and then replaces the installed applications with pernicious versions of them utilizing known Android vulnerabilities without the users' knowledge.
'Agent Smith' utilizes its access to Android devices in order to display fake ads for financial gain, yet given its access, it can likewise be utilized for increasingly accursed purposes.
Checkpoint research team which specializes in analysing global cyber threats , notes that the activity of Agent Smith takes after how other malware like CopyCat, Gooligan, and HummingBad have operated in the recent years and each of the three campaigns have utilized infected devices to generate fake ad revenue 'to the tune of millions of dollars'.
'Agent Smith' is said to have been originated on prevalent third-party application store 9Apps and has focused predominantly on Arabic, Hindi, Indonesian, and Russian speakers. Majority of the malware's victims were reported to be from India and neighbouring nations like Bangladesh and Pakistan yet as indicated by certain confirmations there are quite a few infected devices in nations like Australia, UK, and USA too.
Some of the apps that have been utilized to infect devices by means of 9Apps store are Color Phone Flash – Call Screen Theme, Photo Projector, Rabbit Temple, and Kiss Game: Touch Her Heart, and Girl Cloth XRay Scan Simulator.
What's more is that, after the inceptive attack vector by means of 9Apps, the makers of Agent Smith shifted their focus towards Google Play Store and had the option to push at least 11 malware laden app in the store.
|Android apps infected with Agent Smith in Google Play Store and 9Apps|
While Google has removed all the apps from Google Play, users are cautioned against having any of these applications installed as they will be no doubt infected by the Agent Smith malware. Check Point Research adds further, saying that the Android users should only utilize trusted application stores to download applications as "third party app stores often lack the security measures required to block adware loaded apps."