A new type of malware called Agent Smith silently infected 25 million mobile devices powered by Google’s Android operating system, according to Check Point Research, the Threat Intelligence unit of Check Point Software Technologies (NASDAQ: CHKP).
According to the cyber threat intelligence provider, Agent Smith appears as a Google-related app that exploits certain Android vulnerabilities. Android users are not aware that the malware spontaneously replaces installed apps with infected versions.
Additionally, Check Point Research found that the cyber criminals behind the malware are constantly looking for new vulnerability within the Android security environment.
Cyber criminals behind Agent Smith are showing fake ads on Android devices to make money
They are currently using Agent Smith to make money by showing fraudulent ads to the users of the infected mobile devices. However, they could use it for more harmful purposes such as eavesdropping and banking credential theft, according to the cyber threat intelligence provider.
Check Point Research noted that the malware primarily infected Android mobile devices (around 15 million) in India. Its original targets were Arabic, Hindi, Indonesian and Russian speaking users.
The cyber threat intelligence provider also noticed that a substantial number of Android mobile devices in Australia, Bangladesh, Pakistan, the United Kingdom and the United States have been infected with Agent Smith.
Download apps from trusted app store to prevent malware infection
“The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own,” said Jonathan Shimonovich, the head of Mobile Threat Detection Research at Check Point Software Technologies.
He added, “Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like Agent Smith.”
Furthermore, Shimonovich is reminding users that the best way to prevent the risk of malware infection is download apps only from trusted app stores. He said, “third party app stores often lack the security measures required to block adware loaded apps.”
Check Point Research is working closely with Google in investigating the malware.