Company Check Point have discovered a malware called Agent Smith. Malware uses known vulnerabilities in applications for Android smartphones, replacing in the programs original code on the fake. To identify the presence of malicious code, hence the name “Agent Smith” from the name of the character of the trilogy “the Matrix”.
After infecting popular applications (these include among other WhatsApp and Opera Mini, games, photo editors and sex-apps) the virus blocks the update to avoid removal of fake code. The victims were mostly users from India and some neighbouring countries.
Reason – in the app store 9Apps, through which extends “Agent Smith”. The developers of malware were trying to sneak into the Google Play Store, where there was a simplified version of the installer, but it didn’t work that way. To date Google has removed the fake apps from the database.
The bulk of the victims – 15 million – live in India, in USA there are about 300 thousand Infection vulnerable smartphones with outdated Android versions (5 and 6), indicating that the long existing problem of updates for this popular OS.
“Agent Smith” did not steal data, but only crossed the ad on what the developers of unwanted software and earned. Check Point suppose that the operator “Agent Smith” is a Chinese company which promotes the applications in international markets.