‘Agent Smith’ is the new malware which replaces codes of Android apps, it already attacked 25 million devices -

A new malware is attacking the Android devices and it is doing so by changing part of their code as its own. It has already affected nearly 25 million devices and the count is rising. The malware has been named as the ‘Agent Smith’ due to its method of attacking a device as well as to avoid detection.

This malware actually is not attacking these devices to hack their data but is instead making them display more ads than usual or take the credit for the already displayed ads.

This way the operator of the said malware can earn the profit off of these fraudulent views. According to the people who discovered this malware, they said that this malware usually attacks well-known apps on Android devices such as Whatsapp, Flipkart or Opera Mini Browser. After it detects them, it attacks them and changes a portion of the code to prevent them from receiving updates.

Currently, the devices that are mostly affected are in India and its neighboring countries. The reason for the mass attack there is that in that region the people there use a third-party app store named 9Apps which is renowned in that particular region.

The malware is not easily detectable as it lies perfectly hidden within the photo utility, sex-related apps or games. After a user downloads any of the following apps, the malware would then disguise itself as the Google related app with a title like Google Updater and then it starts its process to replace the original code.

While India is undoubtedly the most infected by this malware with nearly 15 million infected devices, this malware has now crept into the US as well and has been reported to have infected nearly 300000 devices already.

It seems that the operator of this malware has managed to sneak in nearly 11 of the apps in the Google Play Store that have the simple version of the malware’s code. The malware remained dormant for a while but according to tech media, Google has already removed such apps from its Play Store.

Some researchers reported that this malware seems to be of Chinese origin and is run by a Chinese company that as aim to help other developers publish their apps on the global level.