Beware, new mobile malware on the prowl, 15 million devices in India affected

Check Point Research, the threat intelligence arm of cybersecurity firm Check Point Software Technologies, has discovered a new variant of mobile malware that has quietly infected around 25 million devices, including 15 million mobile devices in India. Disguised as a Google-related application, the malware exploits known Android vulnerabilities and automatically replaces installed apps with malicious versions without users’ knowledge or interaction.

Dubbed “Agent Smith”, the malware currently uses its broad access to the devices’ resources to show fraudulent ads for financial gain, but could easily be used for far more intrusive and harmful purposes such as banking credential theft and eavesdropping. This activity resembles previous malware campaigns such as Gooligan, Hummingbad and CopyCat.