Cyber security solutions provider Check Point has revealed that around 25 million Android devices, including 15 million mobile devices in India, were quietly infected due to a new variant of mobile malware called as ‘Agent Smith’.
The Israeli cyber security research company Check Point said, “Disguised as a Google-related app, the malware exploits known Android vulnerabilities and automatically replaces installed apps with malicious versions without the users’ knowledge or interaction.”
The malware ‘Agent Smith’ is easily accessed by the device. It shows ads with financial profits to users, which can be used to thieve the users’ banking details. Interestingly, this malware is similar to Gooligan, Hummingbad and CopyCat.
“The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own,” said Jonathan Shimonovich, Head of Mobile Threat Detection Research at Check Point.
It is to be noted that ‘Agent Smith’ was downloaded from the widely used third-party app store, 9Apps and targeted mostly Hindi, Arabic, Russian and Indonesian-speaking users.
“Check Point has worked closely with Google and at the time of publishing, no malicious apps remain on the Play Store,” said the company.
“Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like Agent Smith,” said the report.
Additionally, users should only be downloading apps from trusted app stores to mitigate the risk of infection as third party app stores often lack the security measures required to block adware loaded apps.