Check Point Research has just found out that about a new variant of mobile malware dubbed as ‘Agent Smith’ which it claims has infected approximately 25 million smartphones across the world out of which 15 million devices are estimated to be from India.
The malware which is disguised as a Google-related application exploits the known vulnerabilities of Android and replaces apps installed with their malicious versions without the knowledge of the user.
The Agent Smith mobile malware accesses the smartphone’s resources to show fraudulent ads for financial gains, however, it could be easily used for much more intrusive and harmful purposes like theft of banking credentials and secretly listening to conversations. The research firm said that this activity resembles some previous malware campaigns such as Gooligan, Hummingbad and CopyCat.
According to Check Point Research, the concerned ‘Agent Smith’ mobile malware was originally downloaded from 9Apps, which is a widely-used third-party app store. The malware has targeted mostly Hindi, Arabic, Russian and Indonesian users. As per Check Point’s findings so far, the primary victims are based in India, even though users in other Asian countries such as Pakistan and Bangladesh have also been affected.
The research firm says that there has also been a noticeable number of infected smartphones in the UK, Australia, and the US. It claims that it has worked closely with Google and at the time of publishing its report, there were no malicious apps left on the Play Store.