Cyber police cautions against Agent Smith malware spread

Cyber police cautions against Agent Smith malware spread
featured image

This article originally appeared in

Cyber police cautions against Agent Smith malware spread

Check Point Research, the Threat Intelligence arm of Check Point Software Technologies Ltd., a provider of cyber security solutions globally, has discovered a new variant of mobile malware that has quietly infected around 25 million devices, including 15 million mobile devices in India.

“Disguised as a Google related application, the core part of the malware exploits various known Android vulnerabilities and automatically replaces installed apps on the device with malicious versions without the user’s interaction”, explained Check Point.

Usman Rahim, Digital Security and Operations Manager for The Media Trust also commented on the growing threat of Agent Smith: “Agent Smith taps into the growing convergence of adware and malware”. This activity resembles previous malware campaigns such as GooliganHummingbad and CopyCat.

The android warning comes a week after it was revealed a million Microsoft Windows users were vulnerable to a highly spreadable ransomware attack dubbed BlueKeep. It is worth noting that Agent Smith disguises as Google-related app.

But the access could also be “used for far more intrusive and harmful purposes such as banking credential theft and eavesdropping”, Check Point warned.

“Indeed, due to its ability to hide its icon from the launcher and impersonate existing user-trusted popular apps, there are endless possibilities for this sort of malware to harm a user’s device”.

The malware has primarily three phases in its attack flow. However, they contain an encrypted malicious payload.

The applications include WhatsApp, FlipKart and Opera Mini, which the user has already installed. If any targeted application is found, Agent Smith will then attack those innocent applications at a later stage.

In past we have seen the outbreak of many malware and virus for Android device.

“Check Point added: “‘Agent Smith’ is being used to for financial gain through the use of malicious advertisements.

This malware was detected by Check Point research and after working with the Google to find out infected applications; Google have removed 16 apps from its Play Store.

First, it traps you by the attractive features and when you get all prepared to install it, It corrupts the authentic app and installs “agent smith” on the device. The game secretly replaces apps inside a users device with its infected versions. So, to be safe side check your mobile Android mobile phones and uninstall these apps from your mobile phones if these apps are installed on your phone.