A new hidden virus on Android has attacked well-known applications, replacing advertisements in them. Using an old vulnerability in the Android operating system, the malware attacked over 25 million smartphones.
Echoes of The Matrix
Experts called the malware "Agent Smith" - in honor of the negative hero of the cult trilogy "The Matrix". Like its cinematic prototype, the Agent Smith virus takes on any form. The malware was detected on the WhatsApp, Opera Mini and Flipkart platforms, where it replaced legitimate advertisements with its own ads.
At the same time, the applications themselves continued to work normally, so smartphone owners might not even notice that their device was infected. At the same time, Agent Smith in every possible way prevented updates of the attacked applications - this is how the viral code protects itself.
The main blow was taken by Asia - most of the attacks occurred on the territory of Asian countries. India has been hit hardest, where the new virus has spread to 15 million devices. Pakistan, Bangladesh and several hundred thousand other users in the United States were also affected.
Reason for infection
According to experts, the detected Android virus can be downloaded most often through unofficial stores with games and applications of dubious quality with barely working functionality. After "Agent Smith" gets into the smartphone, the virus tries to impersonate itself as a "normal" application in some way connected with Google, for example, calling itself Google Updater. Then the malware starts looking for applications that it could modify for itself.
All its "dirty deeds" the virus on the android was able to crank up thanks to the old OS vulnerability, which has already been fixed on smartphones running Android 7 and higher. Such a vulnerability made it possible to modify the code of Android applications without violating the digital certificate. Starting with the 7th version, the Android OS received a more secure Scheme v2. However, in Asian countries, many users still have smartphones running an unprotected operating system, which is why the number of Agent Smith infections in this area turned out to be so high.
Security researchers warn about the "left" app stores as the main source of virus programs for Android, especially since even the official Google Play platform periodically "catches" virus software. At the same time, the chance to keep Android free of viruses remains greater when applications are downloaded from official sources.
The Topic of Article: Latent Android virus has hit 25 million smartphones.