More than 25 million Android devices infected with 'Agent Smith' malware

Cal Jeffrey

Cal Jeffrey

Posts: 4,188   +1,430
Staff member
PSA: Security researchers have discovered a new malware infecting more than 25 million Android devices. Dubbed “Agent Smith,” the code makes its way on to a device through sketchy apps and then disguises itself as a Google-related application.

According to a press release from security firm Check Point, once Agent Smith is active on the device, the malware looks for common apps and replaces them with malicious versions. The altered apps show fraudulent ads for financial gain.

“The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own,” said Check Point’s Head of Mobile Threat Detection Research Jonathan Shimonovich.

The methods used are similar to other malware such as Gooligan, Hummingbad, and CopyCat. Check Point also says that the vector could easily be used for more nefarious and harmful purposes such as stealing bank information or spying.

So far, most of the infections have been detected in India and neighboring countries because the malware is primarily distributed through 9Apps, a third-party app store popular in the region. The malicious code generally comes hidden within a “dropper” app.


Top 5 most infectious droppers.

“A dropper app lures victim [sic] to install itself voluntarily,” said Check Point. “Dropper variants are usually barely functioning photo utility, games, or sex-related apps.”

More than 15 million of the infections originate from India, but around 300,000 devices in the US reportedly have the malware installed as well. According to the researchers, the bad actors, who appear to originate from China, tried to expand operations into the Google Play Store and successfully planted 11 programs infected with an altered version of the malware. Google has since removed the malicious software.

The vulnerabilities that Agent Smith relies on, Janus being one of them, were actually patched several years ago, but many apps have not updated their security to take advantage of the fix.

“This application was as malicious as they come,” says Shimonovich. “Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like Agent Smith. In addition, users should only be downloading apps from trusted app stores to mitigate the risk of infection as third-party app stores often lack the security measures required to block adware loaded apps.”

Check Point has more information and a list of suspect apps on its blog.

Permalink to story.

https://www.techspot.com/news/80885-more-than-25-million-android-devices-infected-agent.html

 
lexster said:
VitalyT said:
That's because Keanu Reeves is on iPhone these days.
Click to expand...
No, he isn't.
Click to expand...
Haha... Only Human.....
but if he's one of the 25 mil, The info would be Breathtaking....

I was barracking for Android originally .. Then google bought it...... and placed there data mining BS low level...
Not saying iOS is any better.... But, Its def more secure. Like it or not.
.
 
Last edited:
Rhythmattic said:
Haha... Only Human.....
but if he's one of the 25 mil, The info would be Breathtaking....
Click to expand...
:laughing:(y) (Y)

Rhythmattic said:
I was barracking for Android originally .. Then google bought it...... and placed there data mining BS low level...
Not saying iOS is any better.... But, Its def more secure. Like it or not.
.
Click to expand...
That depends greatly on the device we discuss. All iPhone are effectively equal, by design. However, not all Android devices are equal, again by design. You want a secure Android device? Buy a Blackberry model. They have yet to be cracked either by back-doors or by brute-force methods. Nokia's latest models have great security as well. Sony, Motorola, Lenovo, Blu(despite the nonsense a few years ago), Razer, Asus and LG are all great brands if you want a secure phone that also doesn't spy on you.
 
"users should only be downloading apps from trusted app stores to mitigate the risk of infection as third-party app stores often lack the security measures required to block adware loaded apps.”

Really and just how long were these apps on the google play store before they were pulled hmmm my point being in an ideal world those nefarious apps should never have even gotten on there in the first place google needs to up it's game in checking apps before allowing them out in public
 
  • Like
Reactions: loki1944
lexster said:
:laughing:(y) (Y)


That depends greatly on the device we discuss. All iPhone are effectively equal, by design. However, not all Android devices are equal, again by design. You want a secure Android device? Buy a Blackberry model. They have yet to be cracked either by back-doors or by brute-force methods. Nokia's latest models have great security as well. Sony, Motorola, Lenovo, Blu(despite the nonsense a few years ago), Razer, Asus and LG are all great brands if you want a secure phone that also doesn't spy on you.
Click to expand...
I thought Blackberry using there own os went kaput?
As for Google OS (android) , its exactly that..... Safe or not... They are doing stuff on mainstream devices im sure the general public aren't aware of.
 
Rhythmattic said:
I thought Blackberry using there own os went kaput?
Click to expand...
True, they are not doing their own OS anymore. They have adapted Android for their own devices and services. I have one, love it. I have deliberately tried to infect it with malware, with no success. Blackberry is doing their thing and doing it well. If you want a secure Android experience, Blackberry is one of the best(if not THE best) option you can choose. Plus, they have physical keyboards which I like.

Rhythmattic said:
As for Google OS (android) , its exactly that..... Safe or not... They are doing stuff on mainstream devices im sure the general public aren't aware of.
Click to expand...
Not true. Google has a very firm transparency policy about data collection. They collect only the data they need to do transactions with you and verify you with your account. Beyond that none of data they collect for showing ads or marketing services has any personally identifiable information in it. Users CAN control that data collection. The problem is that most people don't know this because of the tin-hat wearing nitwits crying foul without doing research.

The real threat is the third party apps in the PlayStore. Far too many people are far too trusting. of apps just because they're on the PlayStore. Google does a certain amount of vetting, but bad apps still get through.
 
Last edited by a moderator:
You must log in or register to reply here.

Similar threads

Daniel Sims
Windows 11 Android support ends next March
Replies
5
Views
186
trents
T
midian182
Counterfeiters caught in multimillion-dollar iPhone repair scheme
Replies
3
Views
193
Underdog
Underdog
D
Three malicious VPN extensions on the Chrome Web Store infected 1.5 million devices before...
Replies
11
Views
393
Nestea
N

Latest posts

Back