Malware Agent Smith infects 15 mn Indian devices: Check Point
Global cybersecurity provider Check Point Software Technologies has discovered a new malware that has allegedly infected close to 25 million devices in South Asia, with 15 million of them belonging to India.
Named as Agent Smith after a character from The Matrix movie, the malware comes disguised as a Google-related application and taps into Android vulnerabilities.
Agent Smith then automatically replaces installed apps with malicious versions without the knowledge of the users, a trait similar to the villain in The Matrix, who also happens to be a computer virus.
The malware then utilises its broad access to the devices’ resources to stream fraudulent ads that could lead to a financial cyberattack. Apart from engaging in ransomware-like attacks, the malware could also be used for far more intrusive and harmful attacks such as banking credential theft or eavesdropping and collecting sensitive information.
Check Point said that the activity of Agent Smith closely resembled previous campaigns such as Gooligan, Hummingbad and CopyCat.
“The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own,” said Jonathan Shimonovich, head of mobile threat detection research at Check Point.
Shimonovich stated that the way to combat the malware would be to combine advanced threat protection and threat intelligence with a hygiene-first approach.
“In addition, users should only be downloading apps from trusted app stores to mitigate the risk of infection as third-party app stores often lack the security measures required to block adware-loaded apps,” pointed out Shimonovich.
Agent Smith had its origins in a third-party app store known as 9Apps and targeted mostly Hindi, Arabic, Russian and Indonesian users.
So far, the primary victims are based in India though other Asian countries such as Pakistan and Bangladesh have also been impacted, Check Point said. There was also a noticeable number of infections reported in the UK, US and Australia.