New Delhi: The newly discovered ‘Agent Smith’ Android malware has already infected 1.5 crore devices in India. Even in the US, nearly 3 lakh devices are said to be infected, making it one of the worst attacks on the Android operating system in the recent memory.
The malware has been nicknamed, ‘Agent Smith’, owing to the methods it uses to attack an Android device without getting noticed. The malware is known to only display advertisements and for now, it does not steal any data.
According to the Israeli security firm, Check Point, the malware is “disguised as a Google-related application, and exploits known Android vulnerabilities and automatically replaces installed apps with malicious versions without users’ knowledge or interaction.”
The malware uses its broad access to the devices’ resources to show fraudulent ads for financial gain, but could easily be used for far more intrusive and harmful purposes such as banking credential theft and eavesdropping.
In general, the malware gets injected when a user downloads an app from a third party app store. The app installs the malware, masked as a legitimate Google updating tool. The installed app does not show off an icon on the screen. The legitimate apps like WhatsApp are then altered and replaced with a malicious update which then serves ads.
It is targeted at mostly Hindi, Arabic, Russian, Indonesian speaking users. “So far, the primary victims are based in India though other Asian countries such as Pakistan and Bangladesh have also been impacted. There has also been a noticeable number of infected devices in the United Kingdom, Australia and the United States,” said Check Point.