A recent security report has confirmed that more than 25 million Android devices were infected by a newly discovered malware called 'Agent Smith.' According to the report, the malware is capable of replacing legitimately installed apps like WhatsApp.
The malware takes advantage of a previously known weakness discovered in the Android mobile operating system. This does not bode well for Google as the company is expected to write a patch in order to fix these vulnerabilities. From the looks of it, Google and it's Android team failed to patch the vulnerability, and now it has infected millions of users.
Based on the report, as much as 15 million Android devices were infected in India. In the United States, around 300,000 users were affected, and in the United Kingdom, at least 137,000 devices were infected. With these massive infections, the Agent Smith malware is one of the biggest threat to have hit the Android mobile operating system in recent years.
It would appear that the malicious app did not come from the Google Play Store, Android's online store. Instead, the malware spread through a third-party app which was traced down to have been hosted on 9apps.com, a website owned by the Chinese tech giant Alibaba.
This type of malware distribution is getting more and more popular, especially in developing countries. This method allows hackers to post their malware-infected apps on third-party stores which, unlike the official Google Play Store, do not perform the necessary security checks. It is no wonder why the malware was not able to completely penetrate the U.S. and U.K. market, because, in said countries, users usually download their apps on legitimate platforms like the Google Play Store.
According to the security report, the Agent Smith malware only serves malicious ads. While this is not exactly an alarming issue, it is important to note that the malicious party behind the attack can essentially do so much worse.
In a statement, Israeli security group Check Point warned, "Due to its ability to hide it' icon from the launcher and impersonates any popular existing apps on a device, there are endless possibilities for this sort of malware to harm a user's device."
The security group said that it had already informed Google and the necessary government authorities of this malware infection. Google has yet to comment about this malware infection. The group urged Android users to update their smartphone's operating system in order to make sure that they will not be infected by this malware.
