Android users get a warning once again. Security researchers have discovered a brand new piece of malware that has infected more than 25 million Android devices. The malware is called Agent Smith; its code made its way onto devices via sketchy apps, and it disguised itself as a Google-related application.
Techspot revealed that a press release from security firm Check Point explained that once Agent Smith becomes active on a device, the malware looks for common apps and replaces them with malicious versions.
It also seems that the altered apps start showing fraudulent ads for financial gain.
“The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own,” according to Check Point’s Head of Mobile Threat Detection Research Jonathan Shimonovich.
The online publication mentioned above also said that the same vector could easily be used for other harmful purposes, such as spying and even stealing bank data.
Malware distributed via 9Apps app store
It’s been reported that most of the infections have been found in India and neighboring countries. The malware has been distributed via 9Apps, a third-party app store that is very popular in this region.
The online publication also cited the following data: “A dropper app lures the victim to install itself voluntarily,” said Check Point.
They continued and wrote, “Dropper variants are usually barely functioning photo utility, games, or sex-related apps.”
It also seems that over 15 million of the infections were from India, and around 300k devices in the US also had the malware installed on them.
The vulnerabilities that Agent Smith has been relying on were patched back in 2012, but it seems that a lot of apps have not been updated to take advantage of the fix.
This is why it’s essential to keep your software updated.