A new mobile malware strain called Agent Smith has already infected more than 25 million devices, 15 million of which are in India.
Check Point found the malware disguised as a Google-related app that targets Android and automatically replaces installed apps with malicious copies without users' knowledge or interaction, according to a July 10 blog post.
The behavior of the malware is very similar to the viruses Gooligan, Hummingbad and XeonCat, the post added.
Currently, the malware uses its botnet to show fraudulent ads for financial gain, but experts have noted that the hackers behind it could easily use the malware in more dangerous attacks, such as stealing bank credentials and eavesdropping.
“Malware attacks user-installed apps anonymously, making it very difficult for ordinary Android users to fight such attacks on their own,” said Jonathan Shimonovich, head of Mobile Threat Detection Research at Check Point.
“Combining new threat prevention and hygiene-first threat intelligence to protect digital assets is the best defense against mobile malware attacks like Agent Smith.”
The malware first appeared in the popular third-party app store 9Apps and targeted mostly Hindi-, Arabic- and Russian-speaking users.
It has since spread to other Asian countries, including Pakistan and Bangladesh, along with a noticeable number of devices in the United Kingdom, Australia and the United States.
“With the latest mobile devices, downloading and installing apps takes no more than 5 seconds, which makes the risk of installing malware even greater if you're not careful. Once you confirm the installation, it's too late to change your mind.”
Cipot added that using software and functionality provided by millions of developers, in many cases for free, is normal practice, but users should be wary of the hidden danger of threat actors gaining access to many user interaction points through this practice.
Users should also be wary that not every app store takes the lead in enforcing software development principles and naming conventions to reduce the likelihood that hackers will be able to post fraudulent apps in app stores.