Close to 25 million Android devices have been infected with a new, unique malware called “Agent Smith”. The malware leverages Android vulnerabilities for infection and replaces legitimate apps with malicious versions riddled with ads.
Discovered by security experts from Check Point Research, Agent Smith has targeted victims mainly in India (over 15 million devices) as well as other countries in South Asia. The malware campaign has also targeted users in the US and the UK.
How does it work?
More than just ads
Check Point’s experts suggest that the malware might be used for other activities apart from just pushing ads. “In this case, ‘Agent Smith’ is being used for financial gain through the use of malicious advertisements. However, it could easily be used for far more intrusive and harmful purposes such as banking credential theft,” wrote the experts in their report.
The experts also found that 11 apps on Google Play were dropping Agent Smith. Upon notifying Google, the apps were immediately removed from the platform.