According to a recent warning by a security research firm, there’s a new type of malware circulating on Android devices. The malware in question is being called ‘Agent Smith’ and was found by a security firm called Check Point this week.
Researchers chose to name the threat after the fictional baddie from the movie, ‘The Matrix’, owing to the fact that the agent could inhabit other people’s bodies at will. In a similar way, this malware sneakily replaces legitimate applications with fake, hacked versions.
By replacing the legitimate apps with fake ones, hackers can infiltrate the applications with their own product advertisements and profit from the advert hits they get from the app user. But the hackers are also capable of editing the code that allows applications to update, which means that they can avoid detection by avoiding software updates.
Researchers estimate that around 25 million Android devices have been affected to-date, with security breaches spread throughout countries that include India and Asia, Australia, the USA and even the UK.
“The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own (…) Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like ‘Agent Smith’.”– Jonathan Shimonovich, Head of Mobile Threat Detection Research at Check Point
According to researchers, this malware was able to proliferate by piggybacking on something called 9Apps, a third-party app store. Hackers embedded their code within illicit applications that helped to get the malicious code onto users’ devices. And once installed within a device, the malware covered its tracks by posing as a genuine application and replacing real code.
Avoiding malicious applications
According to tech site ‘The Verge’, the creators of this malicious malware tried to get similar applications into the Google Play store. However, the 11 applications used were all removed from the store by Google.
So although the ability to download Android applications from third-party sources is useful, this incident highlights the need to be careful where you obtain your apps from. Google has some of the most stringent security around when it comes to vetting applications uploaded to their store, but other sources aren’t always so good at security.
If you’d like to know more about Android security and how to keep your device free from malware, then get in touch with WiseGuys on 0808 123 2820.