A new smartphone malware called “Agent Smith” has infected 25 million devices worldwide, including 15 million in India, claims Check Point Research, a cyber-intelligence firm.
The malware disguises itself as a Google-related application and then replaces installed applications with malicious versions using known Android vulnerabilities without the users’ knowledge, as per a report by Gadgets360.
Separately, the cyber threat intelligence firm has released the top three malware that were active in June, including Lotoor, which is mainly used to display ads, but is also able to get access to sensitive user data.
As per a press note shared by Check Point Research, the Agent Smith malware uses its access to Android devices to show fake ads for financial gain, but given its access, it can also be used for more nefarious purposes. However, it is unclear if the malware has been doing so.
Check Point Research notes that the activity of Agent Smith resembles closely to how other malware like “CopyCat”, “Gooligan” and “HummingBad” have operated in the recent years. All three malware campaigns have used infected devices to generate fake ad revenue to the tune of millions of dollars.
According to the research firm, Agent Smith originated on popular third-party app store 9Apps and has targeted mainly Arabic, Hindi, Indonesian, and Russian speakers. Majority of the malware’s victims are based in India and neighbouring countries like Bangladesh and Pakistan. Check Point Research has also found infected devices in countries like Australia, UK, and USA.
