The ‘Agent Smith’ malware has infected 25
million Android devices
Cyber-security firm Check Point has released new research
that shows that malicious apps from a campaign called “Agent Smith” have been downloaded
to 25 million Android devices.
The apps were distributed through third-party app stores by
a Chinese group with a legitimate business that helps Chinese developers
promote their applications on outside platforms. Check Point did not identify
the company, as they are cooperating with local law enforcement in regards to
About 300,000 devices in the U.S. were infected.
Most of the applications affected are games, though popular
apps including WhatsApp and the web browser Opera were also affected.
The malware works by copying the app, injecting its own
malicious code, and replacing the original app with the weaponized version. It
does this by using a vulnerability in the way Google apps are updated. The
hijacked apps would still work just fine, thus hiding the malware from users.
The “Agent Smith” malware was able to hijack other apps on
the phone to display unwanted ads to users because the malware was armed with
all of the permissions users had granted to the real apps. Showing unwanted ads
might not seem like a significant problem, but that same security flaw could be
used to hijack banking, shopping, and other sensitive apps.
Avirian Hazum, head of Check Point’s analysis and response
team for mobile devices stated, “The user wouldn’t be able to see any
difference, but the attacker could connect to your bank account remotely.
Hypothetically, nothing is stopping them from targeting bank apps, changing the
functionality to send your bank credentials” to a third party.
To keep your phone safe, it is recommended that Android users use ad blocking software on their phones, always update their devices with prompted, and only download apps from the Google Play Store.
As always, if we can be of help with your network or computer, give us a call here at RHYNO Networks. (855) 749-6648
Subscribe to our newsletter!
There is no form with title: "subscribe". Select a new form title if you rename it.
RHYNO Networks was designed to meet the needs of the IT marketplace. Specifically, to offer businesses skilled, timely IT services in order for them to focus on their business. We’re dedicated to the principles of Reliability, Innovation and Customer Service.