Categories: Digital LifeNews

Dangerous malware replaces code in existing apps to covertly infiltrate over 25 million Android devices

Cyber-security solutions provider, Check Point Research, discovered a new variant of an existing malware that targetted Android devices.

Named “Agent Smith” — after the character from Matrix — the malware was able to mimic and replace apps installed on a device without detection. It has covertly infected around 25 million devices, including 15 million mobile devices in India alone.

To put that into perspective, the total number of devices infected by the malware make up close to 90% of the population of Malaysia.

Made in China

The researchers have reason to believe that “Agent Smith” originated from a Chinese internet company located in Guangzhou with a front that claimed to offer services that help Chinese Android developers publish and promote their apps globally.

The malware is so advanced that it looks for popular apps installed on an Android device like WhatsApp, Opera Mini or Flipkart and then replaces the code in the app to prevent the app from being updated while at the same time exploit vulnerabilities in the system without the user’s knowledge or interaction.

Once it has successfully installed itself in a device, the malware uses the access it has to instruct the infected app to display more ads than normal or takes credit for the ads they already display. This allows the hacker responsible for the attack to make money from ad revenue.

While displaying more ads on your phone may seem harmless, Check Point Research warns that the malware could be easily altered for far more intrusive and harmful purposes such as stealing banking credentials and eavesdropping on conversations or messages.

Third-party app store

The main way the malware spreads itself is through a third-party app store called 9Apps and targeted mostly Hindi, Arabic, Russian, Indonesian speaking users. In India alone, over 15 million Android devices were infected.

Other Asian countries such as Pakistan and Bangladesh have also been impacted. There has also been a noticeable number of infected devices in the United Kingdom, Australia and the United States.

In the third-party app store, the malware would hide inside “barely functioning photo utility, games, or sex-related apps,” Check Point wrote.

The malware’s operator also appears to have attempted to make available the malicious app on the Google Play Store itself where it managed to sneak 11 apps that featured code related to a watered-down version of the malware.

“The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own,” said Jonathan Shimonovich, Head of Mobile Threat Detection Research at Check Point Software Technologies.

He added that “users should only be downloading apps from trusted app stores to mitigate the risk of infection as third-party app stores often lack the security measures required to block adware loaded apps.”

The vulnerability that allowed the malware to infiltrate millions of Android devices has since been patched up. Check Point also said that it worked closely with Google to remove all the related malicious apps that existed on Play Store as well.

Recent Posts

Denza Z9 GT now in Malaysia for RM359k: Luxury sports EV with 600km of range

Denza Z9 GT is now officially in Malaysia after it was first demonstrated here over…

8 hours ago

Huawei MatePad Air 2026 with 144Hz PaperMatte OLED screen, six speakers previewed in Malaysia: Here’s what we know

Aside from launching the Huawei Pura 90s series, Huawei Malaysia also unveiled the MatePad Air…

12 hours ago

Gentari drops DC fast charging prices at select locations across Peninsular Malaysia

Gentari has announced a price cut for selected DC chargers across Peninsular Malaysia. EV owners…

14 hours ago

Gentari’s Ayer Hitam EV Charging Hub now upgraded with 7 DC Charge Points

Petronas Bandar Baru Ayer Hitam is one of the most popular EV charging hubs for…

22 hours ago

Proton Saga Cross AMA02 spotted undergoing testing at Federal Highway

We spotted a camouflaged car at Federal Highway earlier today that might be the new…

1 day ago

Huawei Pura 90s series arrives in Malaysia from RM3,699. Pro Max version gets a 200MP telephoto camera

Huawei has officially launched the Pura 90s series in Malaysia, its latest flagship camera phones…

2 days ago

This website uses cookies.