15 Million Android Devices in India Infected by Newly Discovered Malware, Check Point Research Claims
Check Point Research has also revealed the top mobile Malware of June 2019.
- The Malware was distributed through a popular third-party app store.
- It is similar to CopyCat, Gooligan, HummingBad Malware activities
- Agent Smith mainly targets Arabic, Hindi, Indonesian speakers
A new Smartphone Malware called “Agent Smith” has been found that has infected 25 million devices worldwide, including 15 million versions, checkpoint research claims. The Malware disguises itself as a Google-related application and then replaces installed applications with malicious versions using known Android vulnerabilities without users’ knowledge. Separately, the cyber threat has revealed the top three Malware of the intelligence agency, which was active in June, including Lottor, which is mainly used for advertising but also has access to sensitive user data.
According to a press note shared by Check Point Research, Agent Smith Malware uses Android devices access to fake advertising for financial gain but can be used for more immoral purposes, to give it access. However, it is Malware if it is unclear.
Checkpoint Research mentions that ‘Agent Smith’s activity closely related to how other Malware, like copyright, Gooligan, and HummingBad, have been operating in recent years. Three Malware campaigns have used infected devices to generate fake advertising revenue for millions of dollars.
“As an application related to Google, incognito exploits Malware known Android vulnerabilities, and automatically replaces malicious versions of installed applications without users’ knowledge or interaction.”
|Photo Credit Gadget360|
Some apps used to transmit devices through apps store are Color Phone Flash – Call Screen Theme, Photo Projector, Robt Temple, Key Games: Touch Heart and Girl Cloth XRay Scan Simulator.
After the initial attack vector through 9 Apps, it was not all, the creator of Agent Smith was transferred to the Google Play Store and was able to run at least 11 Malware-lad apps in the shop. The Blochman Go: Free Realms and Mini Games Blochman Go Studio, Ghost Rabbit Ludo Master – New Ludo Game 2019 FREE by Hippo Lab, A-Little Game Anti Virus, Bio Blast – Infiniti Battle: Angry Virus! Tape legend, Shooting jet by Gaming Hippo, Music Hero: The Gunman games free by SimpleFreeMiams, Clash of the brain Cuckoo virus, Star ranges by a small game, Crazy Jussiar – Juice Blast Global by Hot Knife Hit Games and Meet Games, and Sky Warrior: General attack
Some infected Google Play apps and games had more than 100,000 installations, but two of them had more than 10 million installations. All apps have been deleted from Google Play, however, if you have any of these apps installed then you may be infected with Agent Smith Malware. You can remove the Malware-loaded application by going to Settings> Applications and uninstalling the application.
Checkpoint Research says that Android users should use trusted app stores to download apps only because “third-party app stores often lack the necessary security measures to block adware-loaded apps.” You can find the technical analysis of Agent Smith Malware on the Check Point blog.
In a separate press note, Checkpoint Research said that Lotto, Tradera, and Ztorg topped the list of mobile Malware in June. Lotto’s main function shows ads, Trida is a modular backdoor for Android, which gives superuser access to downloaded Malware. Ztorg, on the other hand, gets enhanced features on Android devices and installs itself on the system directory. Able to install any other application on Malware device.