Agent Smith infecting over 25m Android phones overwrote portions of their apps

Check Point an Israeli security firm describes one freshly found Android malware as overwriting its code onto parts of apps thus contaminating over 25m smart-phones. The malware given the name Agent Smith exploits earlier known security flaws within Android's operating system thus establishing the criticality of the OS' upgrade to Google OS' most recently patched edition, the firm says.

The majority of victims reportedly are inside India, with a huge 15m infected. However, the U.S. and the U.K. had over 300,000 and another 137,000 extra respectively, thereby making the malware an extremely severe threat which attacked Google's OS of late.

Agent Smith's discoverer, this year, Check Point claims the malware's operators were located in certain Chinese tech firm inside Guangzhou city. According to the researchers, the tech firm runs one front-end lawful enterprise which assists Chinese developers of Android apps to post as well as promote their applications in foreign platforms. www.ZDnet.com posted this, July 10, 2019.

Incidentally, Agent Smith has propagated through 9apps.com an intermediate app store under the ownership of China's Alibaba instead of the expected authorized source viz., Google Play Store. Normally, the kind of attacks via stores other than Google's Play concentrate on developing nations which actually increases the extraordinariness of the hackers' achievement within U.K. and USA, according to Check Point.

Further, when people took down these applications, certain malicious component contained in them and masked like one software development kit (SDK), would after sometime pull down and execute one more APK (Android app package) which had Agent Smith.

When loaded onto a contaminated phone, the malicious program would scrutinize apps that had been locally installed, while based on one internally prepared catalog of targets it'd overwrite the actual applications with copycat applications infested with ads.

Agent Smith instead of stealing data hacks applications, while forcibly makes them exhibit additional ads alternatively claims the already exhibited ads as its own in order that its owner may fraudulently earn profits thereof. Agent Smith on users' devices hunts for familiar applications viz., Flipkart, Opera Mini, or WhatsApp after which it overwrites them so their updating is impossible.

» SPAMfighter News - 7/24/2019