In a major cyber security scare, at least 1.5 crore Android devices in India have been infected by malware without the knowledge of the users. According to a report by cyber security solution firm Check Point Research, a new variant of mobile malware has quietly infected around 2.5 crore devices worldwide, including 1.5 crore mobile devices in India. The report claims that the malware is disguised as a Google-related application. As far as the payload is concerned, the malware exploits known Android vulnerabilities and automatically replaces installed apps with malicious versions on its own.
“The malware is dubbed as Agent Smith, uses broad access to the devices’ resources to show fraudulent ads for financial gain, but could easily be used for far more intrusive and harmful purposes such as banking credential theft and eavesdropping,” said Check Point in a statement. This activity resembles previous malware campaigns such as Gooligan, Hummingbad and CopyCat.
The “Agent Smith” was originally downloaded from the widely-used third party app store, 9Apps and targeted mostly Hindi, Arabic, Russian, Indonesian speaking users. So far, the primary victims are based in India though other Asian countries such as Pakistan and Bangladesh have also been impacted. There has also been a noticeable number of infected devices in the United Kingdom, Australia and the United States.
The company claimed that it worked closely with Google and there are no malicious apps on the Play Store.
“The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own. Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like ‘Agent Smith’,” said Jonathan Shimonovich, Head of Mobile Threat Detection Research at Check Point Software Technologies.
To avoid malwares like these Android users are recommended to download official Android apps only and avoid third-party app stores.