1. TechSpot is dedicated to computer enthusiasts and power users. Ask a question and give support. Join the community here.
    TechSpot is dedicated to computer enthusiasts and power users.
    Ask a question and give support.
    Join the community here, it only takes a minute.
    Dismiss Notice

More than 25 million Android devices infected with 'Agent Smith' malware

By Cal Jeffrey · 8 replies
Jul 10, 2019
Post New Reply
  1. According to a press release from security firm Check Point, once Agent Smith is active on the device, the malware looks for common apps and replaces them with malicious versions. The altered apps show fraudulent ads for financial gain.

    “The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own,” said Check Point’s Head of Mobile Threat Detection Research Jonathan Shimonovich.

    The methods used are similar to other malware such as Gooligan, Hummingbad, and CopyCat. Check Point also says that the vector could easily be used for more nefarious and harmful purposes such as stealing bank information or spying.

    So far, most of the infections have been detected in India and neighboring countries because the malware is primarily distributed through 9Apps, a third-party app store popular in the region. The malicious code generally comes hidden within a “dropper” app.

    “A dropper app lures victim [sic] to install itself voluntarily,” said Check Point. “Dropper variants are usually barely functioning photo utility, games, or sex-related apps.”

    More than 15 million of the infections originate from India, but around 300,000 devices in the US reportedly have the malware installed as well. According to the researchers, the bad actors, who appear to originate from China, tried to expand operations into the Google Play Store and successfully planted 11 programs infected with an altered version of the malware. Google has since removed the malicious software.

    The vulnerabilities that Agent Smith relies on, Janus being one of them, were actually patched several years ago, but many apps have not updated their security to take advantage of the fix.

    “This application was as malicious as they come,” says Shimonovich. “Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like Agent Smith. In addition, users should only be downloading apps from trusted app stores to mitigate the risk of infection as third-party app stores often lack the security measures required to block adware loaded apps.”

    Check Point has more information and a list of suspect apps on its blog.

    Permalink to story.

     
    Last edited by a moderator: Jul 10, 2019
  2. VitalyT

    VitalyT Russ-Puss Posts: 4,478   +3,037

    That's because Keanu Reeves is on iPhone these days.
     
  3. lexster

    lexster TS Maniac Posts: 466   +233

    No, he isn't.
     
  4. Rhythmattic

    Rhythmattic TS Rookie

    Haha... Only Human.....
    but if he's one of the 25 mil, The info would be Breathtaking....

    I was barracking for Android originally .. Then google bought it...... and placed there data mining BS low level...
    Not saying iOS is any better.... But, Its def more secure. Like it or not.
    .
     
    Last edited: Jul 11, 2019
    lexster likes this.
  5. lexster

    lexster TS Maniac Posts: 466   +233

    :laughing:(y) (Y)

    That depends greatly on the device we discuss. All iPhone are effectively equal, by design. However, not all Android devices are equal, again by design. You want a secure Android device? Buy a Blackberry model. They have yet to be cracked either by back-doors or by brute-force methods. Nokia's latest models have great security as well. Sony, Motorola, Lenovo, Blu(despite the nonsense a few years ago), Razer, Asus and LG are all great brands if you want a secure phone that also doesn't spy on you.
     
  6. Athlonite

    Athlonite TS Booster Posts: 135   +33

    "users should only be downloading apps from trusted app stores to mitigate the risk of infection as third-party app stores often lack the security measures required to block adware loaded apps.”

    Really and just how long were these apps on the google play store before they were pulled hmmm my point being in an ideal world those nefarious apps should never have even gotten on there in the first place google needs to up it's game in checking apps before allowing them out in public
     
    loki1944 likes this.
  7. Rhythmattic

    Rhythmattic TS Rookie

    I thought Blackberry using there own os went kaput?
    As for Google OS (android) , its exactly that..... Safe or not... They are doing stuff on mainstream devices im sure the general public aren't aware of.
     
  8. lexster

    lexster TS Maniac Posts: 466   +233

    True, they are not doing their own OS anymore. They have adapted Android for their own devices and services. I have one, love it. I have deliberately tried to infect it with malware, with no success. Blackberry is doing their thing and doing it well. If you want a secure Android experience, Blackberry is one of the best(if not THE best) option you can choose. Plus, they have physical keyboards which I like.

    Not true. Google has a very firm transparency policy about data collection. They collect only the data they need to do transactions with you and verify you with your account. Beyond that none of data they collect for showing ads or marketing services has any personally identifiable information in it. Users CAN control that data collection. The problem is that most people don't know this because of the tin-hat wearing nitwits crying foul without doing research.

    The real threat is the third party apps in the PlayStore. Far too many people are far too trusting. of apps just because they're on the PlayStore. Google does a certain amount of vetting, but bad apps still get through.
     
    Last edited: Jul 13, 2019
  9. Rhythmattic

    Rhythmattic TS Rookie

    Yep..Good point... An OS without Apps is Just that.... An OS. Thats the conundrum.....
     

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...