‘Agent Smith’ is the new malware which replaces codes of Android apps, it already attacked 25 million devices

A new malware is attacking the Android devices and it is doing so by changing part of their code as its own. It has already affected nearly 25 million devices and the count is rising. The malware has been named as the ‘Agent Smith’ due to its method of attacking a device as well as to avoid detection.

Hackers Attack

This malware actually is not attacking these devices to hack their data but is instead making them display more ads than usual or take the credit for the already displayed ads.

Flow Diagram of Smith App

This way the operator of the said malware can earn the profit off of these fraudulent views. According to the people who discovered this malware, they said that this malware usually attacks well-known apps on Android devices such as Whatsapp, Flipkart or Opera Mini Browser. After it detects them, it attacks them and changes a portion of the code to prevent them from receiving updates.

Devices Effected with Agent Smith

Currently, the devices that are mostly affected are in India and its neighboring countries. The reason for the mass attack there is that in that region the people there use a third-party app store named 9Apps which is renowned in that particular region.

Dangerous sign of android app

The malware is not easily detectable as it lies perfectly hidden within the photo utility, sex-related apps or games. After a user downloads any of the following apps, the malware would then disguise itself as the Google related app with a title like Google Updater and then it starts its process to replace the original code.

 malware with nearly 15 million infected devices

While India is undoubtedly the most infected by this malware with nearly 15 million infected devices, this malware has now crept into the US as well and has been reported to have infected nearly 300000 devices already.

11 Apps in Google Play Store

It seems that the operator of this malware has managed to sneak in nearly 11 of the apps in the Google Play Store that have the simple version of the malware’s code. The malware remained dormant for a while but according to tech media, Google has already removed such apps from its Play Store.

Some researchers reported that this malware seems to be of Chinese origin and is run by a Chinese company that as aim to help other developers publish their apps on the global level.

Related Content

Privacy settings for macOS 13 one should enable as soon as possible

How to guide for transferring the older Android apps in a new smartphone

How to prevent the emails from getting tracked

Written by Suddl

Leave a Reply

Cryptocurrency exchange Bitpoint suffers a loss of 32 million dollars from hackers attack

Nearly 1,000 Google Assistant recordings got leaked and people are freaking out