Bengaluru: Agent Smith malware infests 1.5 crore mobiles across country

In a letter on July 19, the IT department cited the information revealed by Check Point, a private cyber security firm, which discovered the malware replacing legitimate apps with malicious versions. The malware entered phones through apps downloaded from Google Play after exploiting the vulnerabilities without the user's knowledge or interaction.

In a letter on July 19, the IT department cited the information revealed by Check Point, a private cyber security firm, which discovered the malware replacing legitimate apps with malicious versions. The malware entered phones through apps downloaded from Google Play after exploiting the vulnerabilities without the user’s knowledge or interaction.

BENGALURU: With over 1.5 crore Android phones being infested with malware ‘Agent Smith’ across the country, the Information Technology Department has issued a circular informing the cyber crime police about the threats the malware poses to mobile users, eventually leading to data compromise.

In a letter on July 19, the IT department cited the information revealed by Check Point, a private cyber security firm, which discovered the malware replacing legitimate apps with malicious versions. The malware entered phones through apps downloaded from Google Play after exploiting the vulnerabilities without the user’s knowledge or interaction.

The malware, according to Check Point, has infested over 1.5 crore Android mobile phones and cyber experts say that it has continued to infest more mobile phones.

Though Google has announced that it has cleared its App Store of the malware, it is infesting mobile phones through unreliable third party app stores such as 9Apps (a third-party Android app store backed by UCWeb). The malware replaces the existing applications such as WhatsApp, Share IT, MX Player, JIOTV, Flipkart, Truecaller and Dailyhunt.

Most of the infections are on devices running Android 5 and 6 versions. The malware infects the device through unwanted advertisements/popups for mobile anti-virus, sex games, enhance selfie camera, etc… This collects personal information and banking credentials of the user.

Google has identified and removed 16 apps from the PlayStore, but it can’t wipe out these apps from an individual’s Android phone. The Android users are advised to download apps from reliable app stores, such as Google Play, and not from ‘Unknown Sources’. Cyber experts say that users generally download sex game apps, modified versions of apps and cheat code files from unknown sources which may lead to leaking of personal data.

It is advised not to install applications being sent as .apk files or in any other executable format in any message or link and keep operating systems running at the current released patch level. Users are advised to uninstall apps that are no longer in use.

[“source=deccanchronicle”]

Leave a Reply