Check Point discovers malware code that affected 25 million Android devices

Check Point discovers malware code that affected 25 million Android devices

The latest malware has infected over 25 million Android smartphones around the globe. The shocking thing to know is that this malware disguises as any of the popular apps on your phone where you believe that you are using a legitimate app but instead it is an evil version of it catered to showcase ads and earn revenue from it.

According to Israeli security company Check Point, the malware that has been dubbed as Agent Smith works by exploiting the weaknesses into the Android operating system and mainly install itself as any Google Installer or with a similar name. It prompts users to update their apps constantly which is how the malware escapes into the system and shows bad ads thereby help earn revenue from it which is then transferred to the hackers under the usual pay per click system.

According to Forbes, Agent Smith has already infected about 15 million Android users in India which affects as many as 300,000 in the United States and 137,000 in the United Kingdom. In fact, these malware target developing countries before proceeding to developed countries where the revenue for ads is higher than the developing countries.

The malware was reportedly sparked by a third-party app store called which is owned by Alibaba. People believe that the malware could be a way for Chinese to make people pay emphasis to the various Chinese apps as well. Although this malware has since been used to showcase ads, it could be used for any other purpose as well.

As clarified by Check Point, the malware hints its icon from the app drawer or home screen while it acts as a popular app that you have installed such as WhatsApp or Facebook, etc. Once the user clicks on the said app, ads start appearing on-screen which is the first hint towards malicious attack when using WhatsApp that doesn’t support any ads. There are a number of apps basically in the games, photo utility and the adult genre that helps spread the malware.

Google conducts takedowns on such apps on a daily basis, however, some apps do escape the clutches of Google’s strongest rules and regulations regarding distribution of apps which is why it has already taken down hundreds of apps downloaded more than a billion times this year alone.

Coming back to Agent Smith, Google has already started taking down such apps carrying this kind of malicious code in it. For those who are suspicious if their phone has been infected with the said malware or not, they can simply drive to the Settings app on their Android phone and go to Apps section to find apps that they haven’t or don’t remember installing. Pay emphasis to apps with names like Google Installer, Google Updater, Google Powers, or Google Installer for U among others since these are the apps that might carry this malicious code and must be dealt with right away.

Google scans its Play Store every day for malware and other threats. This means you must stick to downloading apps from the official Google Play Store only which is protected by the search engine giant although some apps might escape the clutches as said. Avoid using unofficial app stores, launchers, and use anti-virus programs to detect and quarantine such intruders right away.

Leave a Comment

Scroll to Top