cxo voice
  • Home
  • Technology
    • AI
    • Cloud
    • Telecom
    • Data Center
    • BPM
    • Blockchain
  • Finance
    • Banking
  • Cyber Security
  • View Points
  • Leaders Talk
  • News
  • Press Release
    • Submit Press Release
No Result
View All Result
  • Home
  • Technology
    • AI
    • Cloud
    • Telecom
    • Data Center
    • BPM
    • Blockchain
  • Finance
    • Banking
  • Cyber Security
  • View Points
  • Leaders Talk
  • News
  • Press Release
    • Submit Press Release
No Result
View All Result
Leaders Talk and Latest Tech News | CXO VOICE
No Result
View All Result
Home News Cyber Security

Mobile Malware Agent Smith Infected 25 Million Devices: Check Point Report

Deepa Sharma by Deepa Sharma
July 11, 2019
Mobile Malware agent smith infected mobile device

New variant of mobile malware has infected around 25 million devices, in which 15 million are from India, according to cyber security firm Check Point‘s research report. Malware Agent Smith auto replaces already installed apps with malicious version without any user initiation completely silently, users have no idea of this app replacement. This unique on-device, just-in-time (JIT) approach inspired researchers to dub this malware as “Agent Smith”.

It disguised as Google normal apps, mobile malware exploits various known Android devices vulnerabilities and automatically replaces installed apps on the device with malicious versions without the user’s interaction.

Malware Agent Smith broadly using its access to the mobile devices as a resources to show fraudulent, spam ads for financial gain, but could easily be used for far more intrusive and harmful purposes such as financial banking login credential theft and eavesdropping. This activity resembles previous malware campaigns such as Gooligan, Hummingbad and CopyCat.

Mobile malware Agent Smith Attack flow

Mobile Malware agent smith infected mobile device

Head of Mobile Threat Detection Research at Check Point Software Technologies, Jonathan Shimonovich said “The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own, Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like “Agent Smith”. In addition, users should only be downloading apps from trusted app stores to mitigate the risk of infection as third party app stores often lack the security measures required to block adware loaded apps.”

Malware Agent Smith was originally downloaded from the widely-used third party app store, 9Apps and targeted mostly Hindi, Arabic, Russian, Indonesian speaking users. So far, the primary victims are based in India, approx 15 million devices infected with this mobile malware, Pakistan and Bangladesh devices also have been targeted and infected.

There has also been a noticeable number of infected devices in the United Kingdom, Australia and the United States. Check Point has worked closely with Google and at the time of publishing, no malicious apps remain on the Play Store.

ADVERTISEMENT

Agent Smith malware has a modular structure and consists of the following modules:

  • Loader
  • Core
  • Boot
  • Patch
  • AdSDK
  • Updater

As stated above, the first step of this infection chain is the dropper. The dropper is a repacked legitimate application which contains an additional piece of code – “loader”.

The loader has a very simple purpose, extract and run the “core” module of “Agent Smith”. The “core” module communicates with the C&C server, receiving the predetermined list of popular apps to scan the device for. If any application from that list was found, it utilizes the Janus vulnerability to inject the “boot” module into the repacked application. After the next run of the infected application, the “boot” module will run the “patch” module, which hooks the methods from known ad SDKs to its own implementation.

Mobile Malware agent smith infected mobile device
  • Read More: How to protect your children from advance cyber threats?
Deepa Sharma

Deepa Sharma

Deepa Sharma is CXOVoice’s Managing Editor, overseeing all coverage technology, cybersecurity, banking, and financial coverage. She can be reached at [email protected]

Related Posts

TM Forum and Huawei
Press Release

TM Forum and Huawei Jointly Released Two Standard Reports:  AI for BSS and Software Marketplaces Reference Architecture

June 30, 2025
HCLTech OpenAI
Business

HCLTech Partners with OpenAI to Accelerate Generative AI Adoption for Enterprises

June 30, 2025
L&T Technology Services and thyssenkrupp
Business

L&T Technology Services and thyssenkrupp Steering Business Unit Partner to Establish a Global Software Hub

June 30, 2025
Business

Ericsson Strengthens ASIC Development in India with Major R&D Expansion

June 27, 2025
Osaka Sakai Data Center
Technology

HPE and KDDI Partner to Launch Osaka Sakai Data Center for AI Innovation by 2026

June 26, 2025
Tata Hackathon
Technology

Tata Technologies with AWS to Launch Engineering Hackathon Focused on Smart Mobility Innovations

June 26, 2025
Fujitsu
Press Release

Fujitsu’s Uvance Wayfinders consulting empowers customers to evolve business foundations leveraging data and AI

June 26, 2025
HCLTech AMD
Technology

HCLTech and AMD Unite for Next-Generation Technology Solutions across AI, digital and cloud

June 25, 2025
Load More
ADVERTISEMENT

Latest Updates

TM Forum and Huawei

TM Forum and Huawei Jointly Released Two Standard Reports:  AI for BSS and Software Marketplaces Reference Architecture

by News Desk
11 hours ago

HCLTech OpenAI

HCLTech Partners with OpenAI to Accelerate Generative AI Adoption for Enterprises

by Deepa Sharma
12 hours ago

L&T Technology Services and thyssenkrupp

L&T Technology Services and thyssenkrupp Steering Business Unit Partner to Establish a Global Software Hub

by News Desk
15 hours ago

Ericsson Strengthens ASIC Development in India with Major R&D Expansion

by News Desk
4 days ago

Osaka Sakai Data Center

HPE and KDDI Partner to Launch Osaka Sakai Data Center for AI Innovation by 2026

by Deepa Sharma
5 days ago

Tata Hackathon

Tata Technologies with AWS to Launch Engineering Hackathon Focused on Smart Mobility Innovations

by News Desk
5 days ago

Expert Views

Opinion

When AI Empowers Both Networks and Hackers: The New Battlefield for India’s Telecoms

May 20, 2025
Molly Sands AI
AI

AI RIP: 5 Things Knowledge Workers Will Say ‘Sayonara’ to in the Next Decade

March 8, 2025
multi cloud
Cloud

Multi-Cloud Made Simple: Strategies for Smart Business Management

March 5, 2025
Soft Skills
Opinion

Soft Skills and Technical Know-How: A Winning Combination in the Tech Industry

March 4, 2025
Digital Freedom
Cyber Security

Your Data, Their Gold: The Silent Battle for Digital Freedom

February 25, 2025

Get Latest Update

Subscribe to our mailing list to receives newsletter direct to your inbox!

ADVERTISEMENT

Leaders Interviews

Steve Wilson, GenAI Cybersecurity LLMs
Cyber Security

How effective is GenAI in cybersecurity? The role of LLMs and AI in security solutions. [Interview with Steve Wilson]

-
Interview on Counterfeit products with Nikhil Narayan
Leaders Talk

Advancements in ML & AI made it possible to detect counterfeit products in real-time, says Nikhil Narayan

-
Newgenone bridges the gap between business users and IT teams with its low code capability: Varun Goswami
Leaders Talk

Newgenone bridges the gap between business users and IT teams with its low code capability: Varun Goswami

-
AI chatbots, Prasanna-Kumar
Leaders Talk

Can AI chatbots enhance customer experience and reduce the cost of serving customers?

-

Entrepreneur

Samsung Electronics appoints its first female president

Inspiring Women Entrepreneurs in India (2022)

Technology Adoption For Entrepreneurs

Volunteering management is the need of the Hour

CXOVoice.com is a leading online publication for CXOs, entrepreneurs, senior leaders, developers, and industry professionals. Our coverage spans key sectors, including IT, technology, banking, finance, cybersecurity, engineering, and automobiles.

Connect with us

Easy Links

  • Cryptocurrency
  • Event
  • Blockchain
  • Press Release
  • Resources & Downloads

Write Us

[email protected]
  • Home
  • About Us
  • Contact Us
  • Advertise
  • Privacy & Policy
  • Feedback

Copyright © 2025 CXOVoice - All Right Reserved

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

Our Spring Sale Has Started

You can see how this popup was set up in our step-by-step guide: https://wppopupmaker.com/guides/auto-opening-announcement-popups/

No Result
View All Result
  • Home
  • Technology
    • AI
    • Cloud
    • Telecom
    • Data Center
    • BPM
    • Blockchain
  • Finance
    • Banking
  • Cyber Security
  • View Points
  • Leaders Talk
  • News
  • Press Release
    • Submit Press Release

Copyright © 2025 CXOVoice - All Right Reserved