Basically Agent smith is a google related app Agent smith malware Known android vulnerabilities and replaces automatically the installed app with malicious version without any interaction
Agent Smith malware infected 15mn Android devices in India.
Cyber security solutions provider Check Point on Wednesday revealed that Agent Smith – a new variant of mobile malware quietly infected around 25 million Android devices globally, including 15 million mobile devices in India.
They have changed their appearance as google related app Here the malware maker uses known Android vulnerabilities and interactions.
Agent Smith, the malware has been found to exploit known weaknesses in the Android operating system to replace acceptable installed apps on the device with harmfull versions without requiring user intervention.
Based on their research, Agent Smith has been found to please user to broad access privileges to display fraudulent ads and profit off them.Primarily targeting devices in India, and other Asian countries like Pakistan and Bangladesh, the malware has surrepitiously affected around 25 million unique devices, with each victim suffering “roughly 112 swaps of innocent applications.” The infections were mainly reported on devices running Android 5 and 6, with most infections lasting for a period of at least two months.
In its present form, Agent Smith is being exploited for financial gain by serving malicious advertisements. But given its capabilities to impersonate popular Android apps, the researchers caution that “there are endless possibilities for this sort of malware to harm a user’s device.”
Check Point researchers said they encountered the malware in early 2019 after observing a feeling of Android malware attack attempts against users in India. Complicating the matter is its stealthy infection methodology, which makes it hard to detect until a device has been compromised.
Hackers began to use 9Apps as a distribution channel for adware by building an array of dropper apps. 9Apps is a third-party Android app store backed by UCWeb, which Alibaba Group acquired in 2014. One of its most popular products is UC Browser web browser app with a strong presence in markets like China, India, and Indonesia.
The malware campaign, which began as a series of garden variety adware blasts, intensified during the later half of 2018, before dropping significantly earlier this year.