cxo voice
  • Home
  • News
  • Leaders Talk
  • Expert Opinion
No Result
View All Result
  • Home
  • News
  • Leaders Talk
  • Expert Opinion
No Result
View All Result
Leaders Talk and Latest Tech News | CXO VOICE
No Result
View All Result
Home News Cyber Security

Mobile Malware Agent Smith Infected 25 Million Devices: Check Point Report

Deepa Sharma by Deepa Sharma
July 11, 2019
Reading Time: 3 mins read
Mobile Malware agent smith infected mobile device
Share on FacebookShare on Twitter

New variant of mobile malware has infected around 25 million devices, in which 15 million are from India, according to cyber security firm Check Point‘s research report. Malware Agent Smith auto replaces already installed apps with malicious version without any user initiation completely silently, users have no idea of this app replacement. This unique on-device, just-in-time (JIT) approach inspired researchers to dub this malware as “Agent Smith”.

It disguised as Google normal apps, mobile malware exploits various known Android devices vulnerabilities and automatically replaces installed apps on the device with malicious versions without the user’s interaction.

Malware Agent Smith broadly using its access to the mobile devices as a resources to show fraudulent, spam ads for financial gain, but could easily be used for far more intrusive and harmful purposes such as financial banking login credential theft and eavesdropping. This activity resembles previous malware campaigns such as Gooligan, Hummingbad and CopyCat.

Mobile malware Agent Smith Attack flow

Mobile Malware agent smith infected mobile device

Head of Mobile Threat Detection Research at Check Point Software Technologies, Jonathan Shimonovich said “The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own, Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like “Agent Smith”. In addition, users should only be downloading apps from trusted app stores to mitigate the risk of infection as third party app stores often lack the security measures required to block adware loaded apps.”

Malware Agent Smith was originally downloaded from the widely-used third party app store, 9Apps and targeted mostly Hindi, Arabic, Russian, Indonesian speaking users. So far, the primary victims are based in India, approx 15 million devices infected with this mobile malware, Pakistan and Bangladesh devices also have been targeted and infected.

There has also been a noticeable number of infected devices in the United Kingdom, Australia and the United States. Check Point has worked closely with Google and at the time of publishing, no malicious apps remain on the Play Store.

ADVERTISEMENT

Agent Smith malware has a modular structure and consists of the following modules:

  • Loader
  • Core
  • Boot
  • Patch
  • AdSDK
  • Updater

As stated above, the first step of this infection chain is the dropper. The dropper is a repacked legitimate application which contains an additional piece of code – “loader”.

The loader has a very simple purpose, extract and run the “core” module of “Agent Smith”. The “core” module communicates with the C&C server, receiving the predetermined list of popular apps to scan the device for. If any application from that list was found, it utilizes the Janus vulnerability to inject the “boot” module into the repacked application. After the next run of the infected application, the “boot” module will run the “patch” module, which hooks the methods from known ad SDKs to its own implementation.

Mobile Malware agent smith infected mobile device
  • Read More: How to protect your children from advance cyber threats?
Deepa Sharma

Deepa Sharma

Senior Writer and Editor at CXO VOICE, She covers technology, cybersecurity, and financial and other tech news and updates. She can be reached at "deepa@cxovoice.com"

Related Posts

Security flaws Xiaomi
Cyber Security

Xiaomi Fixes the Security Flaws In Its Mobile Payment Mechanism

August 13, 2022
Avast secure Browser for android mobile
Cyber Security

Avast’s Introduces Android Mobile Browser With Full Data Encryption

April 8, 2020
Cyber Security

Facebook is the Most Imitated Brand for Phishing Attempts: Check Point

February 10, 2020
Microsoft Azure security Flaws by Check Point
Cyber Security

Two Security Flaws found in Microsoft Azure, Now Fixed: Check Point

January 31, 2020
CloudGuard
Cyber Security

Wipro and Check Point Software Join Hands to Deliver Cloud Security Solution, CloudGuard

November 6, 2018
Load More
ADVERTISEMENT

Expert Views

Credentials database theft, reused passwords dangerous entryway
Cyber Security

Can SASE be used as your initial defense against ransomware?

September 12, 2023
Smart Cities challenges and security
Cyber Security

Do our abilities match the ambitions of Smart Cities?

August 23, 2023
Why 5G Network Uptime is Essential for a Digitally Interconnected Society
Opinion

Why 5G Network Uptime is Essential for a Digitally Interconnected Society

July 18, 2023
Responding to cyberbullying with cyber confidence and resilience
Cyber Security

Responding to cyberbullying with cyber confidence and resilience

July 17, 2023
Five Ways All-Flash Data Centers Can Drive Sustainability Goals 
Opinion

Five Ways All-Flash Data Centers Can Drive Sustainability Goals 

July 7, 2023

Latest Updates

Airkit.ai

Salesforce to acquire Airkit.ai to boost AI capabilities

by IANS
1 day ago

Working in a post-pandemic world: What is the new normal?

25 million employees now returning to offices globally in the hybrid work era

by News Desk
1 day ago

Image Credit: Pixabay

IT spending in MENA region to reach $183.8 billion in 2024: Gartner

by News Desk
1 day ago

Samsung Huawei

Samsung, Huawei to drive mass adoption of foldable smartphones next year

by IANS
2 days ago

GenAI

GenAI to generate economic value worth $2.6-$4.4 trillion annually: Report

by IANS
3 days ago

SK hynix

US to ensure S. Korean chipmakers’ smooth operation regarding China curbs

by IANS
3 days ago

Get Latest Update

Subscribe to our mailing list to receives newsletter direct to your inbox!

ADVERTISEMENT

Leaders Inerviews

NewgenOne
Leaders Talk

NewgenONE bridges the gap between business users and IT teams with its low code capability: Varun Goswami

-
Interview with Prasanna Arikala, CTO, Kore.ai on AI chatbots
AI

Can AI chatbots enhance customer experience and reduce the cost of serving customers?

-
Rising cyber attacks pose a serious threat to Indian SMBs, says Zakir Hussain
Cyber Security

Rising cyber attacks pose a serious threat to Indian SMBs, says Zakir Hussain

-
Axis Bank's Cloud-driven digital banking solutions
Banking

Axis Bank doubles down on cloud based digital banking solutions

-

Entrepreneur

Samsung Electronics appoints its first female president

Inspiring Women Entrepreneurs in India (2022)

Technology Adoption For Entrepreneurs

Volunteering management is the need of the Hour

We bring business leaders' opinions and unique ideas on what’s happening in the market and its impact. Also, get the daily news, analysis, and insights.

Connect with us

Easy Links

  • Cryptocurrency
  • Event
  • Blockchain
  • Press Release
  • Resources & Downloads

Write Us

contact@cxovoice.com
  • Home
  • About
  • Contact Us
  • Advertise
  • Privacy & Policy
  • Feedback

© 2023 CXO VOICE

No Result
View All Result
  • Home
  • News
  • Leaders Talk
  • Expert Opinion

© 2023 CXO VOICE

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Our Spring Sale Has Started

You can see how this popup was set up in our step-by-step guide: https://wppopupmaker.com/guides/auto-opening-announcement-popups/