Agent Smith Malware Affects 25 Million Android Devices
The world’s most popular mobile OS, Android has once again been subjected to a wide scale malicious attack. A security firm “Check Point” discovered a new malware which replace portions of known apps with its own code. Noteworthy, the malware has affected more than 25 milion devices around the globe, out of which 15 million are in India alone.
According to Check Point, the malware is named “Agent Smith” and is designed to target known vulnerabilities of the Android operating system. The application was revealed to partially replace code on legitimate apps with malicious code. Notably, the whole process was exectuted without the knowledge or permission of the device owner.
Surprisingly, the malware is not intended to steal user data, instead, it injected the infected apps with lines of code so that they display advertisements. The developer would earn ad credits whenever a user with infected applications would watch or click on the display advertisements. Therfore, the developer could gain monetary value with the whole scheme.
The reserach agency revealed that the Agent Smith malware mainly targeted well-known apps like WhatsApp and Flipkart, therefore, accounting for the astounding reach it had. The source of the malicious app was traced back to a third party application store which is called 9Apps. The malware was concealed in programs like games, video players and adult entertainment apps which have high demand.
Check Point also shared a donut graph that shows the distribution of malware on smartphones manufactured by OEMs. At over 26 percent, Samsung device owners carry the maximum share in the information representaion tool.
Aside from 15 million Indian smartphones, the malware was even able to spread onto 3,00,000 devices in the US. Surprisingly, the exploits used by the malware to execute the infection process were patched several years ago. However, a large number of developers did not update their respective applications.
This is just one security breach that has made out to the public. It wont be wrong to assume that several other cases like this still remain covered. Conclusively, in this day and era of widespread technology, nothing seems to be truly safe regardless of security measures that are implented.