2.5 crore Android phones hit by critical malware: Details here
What's the story
More than 2.5 crore Android devices have been compromised by 'Agent Smith,' a critical malware that masquerades as a Google-owned product. The program sneaks into user devices without getting noticed and infects legitimate apps like WhatsApp and Flipkart to display fraudulent ads. Reports indicate it has already affected nearly 1.5 crore devices in India. Here's everything you need to know.
Details
Agent Smith spreads from games, photo, sex-related apps
The malware, first flagged and reported by Check Point Research, spreads through barely functioning apps and games downloaded from third-party app stores like 9Apps. Once the app is installed, its malware installs a fake Google Updater and stays hidden from the eyes of the users. Then, it looks for legitimate apps and compromises them without giving a hint to the user.
Infection
How legit apps are infected
The fake Google Updater scans the list of legit apps on the device and exploits Android vulnerabilities to replace their APK parts with malicious code. Basically, it switches a functional version of an app with a malicious one, designed to display ads. The malware can infect apps ranging from WhatsApp and Jio Chat to Truecaller and Flipkart without giving a hint of what's happening.
Attack
Then, the ads generate money for fraudsters
Though the malware-modified apps do not steal personal data or banking credentials, they force display ads on phones. This way, they illegally register ad views and generate profits for the masterminds behind the malware. Notably, the malicious program prevents the infected apps from being updated and appears largely focused on users in India and nearby countries.
Information
Plenty of devices compromised
Agent Smith has infected nearly 1.5 crore devices in India and has managed to make its way into the US, where some 300,000 devices have been affected. More worryingly, it had even entered Google Play Store through some 11 apps, which have now been removed.
Action
Google, law enforcement units informed about the malware
The researchers have informed Google and law enforcement agencies about the malware to curb its exploitation. But, here's the thing, Google had patched the vulnerabilities years ago; it is the developers who have not updated their apps to close the loophole. Hopefully, they will fix their apps considering the wild impact of Agent Smith in India and nearby nations.