The Silicon Review ^Asia

‘Agent Smith’, a new variant of mobile malware, has quietly infected 15 million mobile devices in India, Check Point revealed. It was reported by Hindustan Times on Wednesday.

Check Point is an Israeli-based cyber security solutions provider.

“The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own,” said Jonathan Shimonovich, Head of Mobile Threat Detection Research at Check Point. Mr. Shimonovich was quoted by IANS.

The total number of devices infected globally is over 25 million, the cybersecurity solutions provider confirmed.

The malware, disguised as a Google-related app, exploits known Android vulnerabilities and automatically replaces installed apps with malicious versions without the users’ knowledge or interaction, the report said.

‘Agent Smith’ currently uses its broad access to the devices’ resources to show fraudulent ads for financial gain, but could easily be used for far more intrusive and harmful purposes such as banking credential theft and eavesdropping, the report said.

“Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like ‘Agent Smith,’” thereport further said.

The malware was originally downloaded from the widely used third-party app store, 9Apps and targeted mostly Hindi, Arabic, Russian and Indonesian-speaking users, the report confirmed.