wordpress blog stats
Connect with us

Hi, what are you looking for?

Android malware infects 15 million devices in India

A newly discovered piece of Android malware which replaces portions of app code with its own code has quietly infected more than 25 million – of which 15 million devices are in India. Disguised as a Google-related app, the malware “exploits known Android vulnerabilities and automatically replaces apps with malicious versions without the users’ interaction or knowledge.” The primary victims are Indians, and also Pakistan and Bangladesh. The malware was downloaded from 9Apps – a third-party app store backed by UC Web – and targeted mostly Hindi, Arabic, Russian, and Indonesian speaking users. Dubbed “Agent Smith”, the malware seems to mainly India users, says Counter Point. It’s worth noting that one of UC Web’s popular products in UC Browser, and it has a strong presence in India, China, and Indonesia.

The malware was being used for financial gain via malicious ads, but could be used for more intrusive and harmful purposes such as banking credential theft, said Check Point. The malware is hidden inside “barely functioning photo utility, games, and sex related apps”. The majority of these apps are games, and others are related to adult entertainment, media players, photo utilities, and system utilities. After it was downloaded, the malware would disguise itself as “Google Updater” and with the icon hidden. The malware also tries to look for popular apps like WhatsApp, Lenovo AnyShare, SHAREitJio Play, Jio Chat, Jio Join, Opera Mini, Hotstar, Flipkart, Xender, Truecaller, among others, and then replaces portions of their code and prevents them from being updated automatically.

Among smartphone brands, Samsung saw the largest infections – making up for 26% of infections. This was followed by Xiaomi, Vivo, itel, Micromax, and others. The infections were mainly reported on devices running Android 5 and 6, with most infections lasting for a period of at least two months.

Infected apps found on Google Play Store as well

In the recent months, Check Point has also discovered 11 infected apps on the Google Play Store that contained malicious but dormant components used in Agent Smith. According to the researchers, this suggests that the hackers are beginning to use Google’s own app distribution platform to spread adware. Google has since taken down the apps after Check Point reported their findings.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like


Senior journalist and news anchor Nidhi Razdan was all set to start teaching at Harvard University this year. But it turns out she appears...


The Competition Commission of India (CCI) has ordered a detailed investigation into Google’s payment policies and alleged manipulation into its practice within Play Store....


The US Department of Justice has charged six Russian officers of the notorious Russian Main Intelligence Directorate (GRU) for attempting to undermine 2017 French...


An Iranian-American businessman has accused two Indian companies — Gurugram-based CyberRoot Risk Advisory and Delhi-based BellTroX Info — of hacking into his email accounts...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to Daily Newsletter

    © 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ