Android malware infects 25 million phones.

What happened? 

Security researchers have uncovered a new form of Android malware that infects apps to replace parts of their code with its own – affecting as many as 25 million devices. It was discovered by researchers at security firm Check Point and dubbed “Agent Smith”, after the character in the sci-fi film The Matrix. The malware uses a trio of known vulnerabilities to infect devices and impersonate official apps, targeting multiple popular Android tools. Once in place, it uses its position to show fraudulent ads, rather than hoovering up your data. While it’s difficult to assign blame for such attacks, Agent Smith appears to come from a Chinese app company.

How will it affect you? 

There have been 137,000 infections in the UK, though a single phone usually carries several, so fewer devices than that are actually affected. The bulk of the infections have targeted Hindi-, Arabic- and Russian-speaking victims, Check Point’s researchers said. The victims installed dodgy apps from unofficial stores, thinking they were legitimate games or apps. As ever, the researchers warned that it remains dangerous to download apps from third-party stores or from other unknown sources. Most of the infections were spread via an unofficial app store called 9Apps. However, 11 apps with a version of the malware were spotted in the official Google Play store; they’ve since been removed.

What do we think? 

Such malware is difficult to prevent. Google appears to have acted quickly to remove infected apps from its own store, but it’s disappointing that those apps bypassed its quality checks in the first place. App developers should also be apologizing, because the bug that allowed “Agent Smith” to insert malicious code was patched several years ago, yet they failed to update their own apps, leaving users at risk. We expect better from professional developers.
