Agent Smith: Malware that infects 25 million Android devices

Android devices were recently exposed to a new type of malware called Agent Smith, according to information security company Check Point, which said that the malware can modify many legitimate applications and provide them with the ability to broadcast malicious ads, which affected about 25 million Android devices.

Security reports indicate that the source of Agent Smith is a Chinese Internet company, with the aim of helping Android application developers in China publish and promote their applications in foreign markets. The developing company hides the malicious software in one of Google's own software, so that it then replaces the pre-installed legitimate applications with a special version that can To control it, experts named the new malicious software “Agent Smith” because its behavior resembles a character with the same name in Matrix movie The famous.

The new malware, “Agent Smit,” appeared for the first time in the 9Apps application store, which is not affiliated with Google, and targeted Android users in India, Pakistan, and Bangladesh. However, experts discovered that more than 303,000 infected devices were infected in the United States, and more than 137,000. Device in the United Kingdom.

The modified applications infected with the new “Agent Smith” malware included many famous applications, most notably WhatsApp, Opera Mini, and Flipkart, in addition to a number of Lenovo programs and the famous keyboard. SwiftKey The company developing the malware exploits the application through a new update that appears to be a legitimate update. Once the application is updated, pop-up advertisements can be displayed without any user intervention.

Check Point believes that the same Agent Smith malware can cause greater harm, including credit card theft, due to its ability to hide its icon and impersonate any popular applications on the device, and that the potential for harm from this malware is endless.

The information security company that discovered the vulnerability says that it contacted Google and law enforcement agencies, and that by the publication of the security report, there were no malicious applications exploiting the “Agent Smith” malware in the Google Play Store, but many applications on users’ devices were still infected, Although the original vulnerability that Agent Smith was based on was patched in Android years ago, developers did not update their apps.