© Getty

Do you see an ad popping up while opening WhatsApp? If yes, then you are hit by a new malware called ‘Agent Smith’. The newly discovered Android malware has already infected 2.5 crore devices with most of the victims located in India where as many as 1.5 crore devices are infected.

Even in the US, nearly 3 lakh devices are said to be infected, making it one of the worst attacks on Android operating system in the recent memory.

The malware has been nicknamed, ‘Agent Smith’, owing to the methods it uses to attack an Android device without getting noticed.

The malware is known to only display advertisements and for now, it does not steal any data. According to the Israeli security firm, Check Point, the malware is “disguised as a Google-related application, and exploits known Android vulnerabilities and automatically replaces installed apps with malicious versions without users’ knowledge or interaction.”

The malware uses its broad access to the devices’ resources to show fraudulent ads for financial gain, but could easily be used for far more intrusive and harmful purposes such as banking credential theft and eavesdropping. This activity resembles previous malware campaigns such as Gooligan, Hummingbad and CopyCat, Check Point added.

In Pics: The scariest online scams and hacks

Online attacks and phone fraudsters: Scams are rife, especially online: in 2017 hackers stole $172 billion (£130.7bn) from 978 million people across 20 different countries, according to Norton. In fact, these days you're far more likely to be robbed online than mugged in the street. We take a look at this year's most notorious scams and online attacks.

(Slideshow by Lovemoney)

In general, the malware gets injected when a user downloads an app from a third party app store. The app installs the malware, masked as a legitimate Google updating tool. The installed app does not show off an icon on the screen. The legitimate apps like WhatsApp are then altered and replaced with an malicious update which then serve ads.

Malware has spread as several users give official Google Ply Store a miss and download apps from third party app stores like 9apps.com. It is targeted at mostly Hindi, Arabic, Russian, Indonesian speaking users. “So far, the primary victims are based in India though other Asian countries such as Pakistan and Bangladesh have also been impacted.

Also watch: Instagram, WhatsApp, FB fail to load

Replay Video

(Video provided by The Independent)

There has also been a noticeable number of infected devices in the United Kingdom, Australia and the United States,” said Check Point.

The malware is capable of hiding its icon from the phone’s launcher and can pose as any popular app like WhatsApp to serve advertisements. This is just one of the possible ways the malware can use the affected device to send money back to the hackers, as per a typical pay-per-click system.


Original Source