New Delhi -°C
Today in New Delhi, India

Oct 15, 2019-Tuesday
-°C

Humidity
-

Wind
-

Select city

Metro cities - Delhi, Mumbai, Chennai, Kolkata

Other cities - Noida, Gurgaon, Bengaluru, Hyderabad, Bhopal , Chandigarh , Dehradun, Indore, Jaipur, Lucknow, Patna, Ranchi

Tuesday, Oct 15, 2019

‘Agent Smith’ infects 15mln devices in India: 5 things you need to know about the malware

‘Agent Smith’ has affected over 25 million devices around the world. Disguised as Google app, the malware is capable of installing apps on the device with malicious versions without you ever finding it out.

tech Updated: Jul 11, 2019 16:44 IST
Kul Bhushan
Kul Bhushan
Hindustan Times
‘Agent Smith’ malware explained
‘Agent Smith’ malware explained(Checkpoint)
         

CheckPoint Research, a cyber security firm, has discovered a dangerous malware. Dubbed as ‘Agent Smith’, the malware has affected 25 million devices around the world. About 15 million mobile devices in India were infected by the malware, according to CheckPoint’s report.

What is Agent Smith malware, how it works?

The malware appears as a Google-related application and the core part of malware is capable of exploiting several Android vulnerabilities. The malware quietly replaces the original install apps with infected versions – without users’ knowledge or consent.

When and how was it detected?

CheckPoint researchers revealed they observed a steep hike in malware attack on Android devices in India earlier this year. After further investigation, researchers discovered a common pattern in the way malware works.

“The core malware is usually disguised as Google Updater, Google Update for U or “com.google.vending”. The core malware’s icon is hidden,” said researchers in a blog post.

Here’s how Agent Smith malware works
Here’s how Agent Smith malware works ( Checkpoint )

Researchers pointed out that “Agent Smith” droppers were mainly distributed through non-Google and Apple stores such as “9Apps” which is a UC-backed platform and is targeted at Hindi, Arabic, Russian, Indonesian speaking users.

What cyber criminals gain from the malware?

According to the report, Agent Smith malware can help hackers gain access to affected users’ critical data such as banking credentials. It can also eavesdrop on users without their knowledge. While the malware is unique, it does bare resemblance to similar Gooligan, Hummingbad and CopyCat malware campaigns.

Impact of Agent Smith

Researchers revealed the top five most infectious droppers had been downloaded over 7.8 million times. Some of these apps are Color Phone Flash – Call Screen Theme, Photo Projector, Rabbit Temple, and Kiss Game: Touch Her Heart.

India was one of the worst affected nations with 15 million devices. Researchers said other Asian countries such as Pakistan and Bangladesh were also affected. Countries such as the UK, US and Australia also suffered.

Should you be worried?

CheckPoint claims it has worked with Google closely to remove all such malicious apps from the Google Play Store. Users are advised to download applications from trust app stores and also avoid applications that are intrusive. For instance, a Flash or mobile torch app should not ask for permissions to access your contacts. Regularly visit Google’s privacy dashboard to keep an eye on your device activity. Two-step verification for important log-ins is a must for everyone.

WATCH: Xiaomi Redmi 7A UNBOXING

 

First Published: Jul 11, 2019 16:43 IST

top news