Malware originated from Chinese third-party app store
More than 100,000 UK Android devices have been infected by recently discovered type of malware originating in China.
The malware, which was discovered by security firm Check Point, has infected more than 25 million devices worldwide, 15 million of which are in India. It has also infected 300,000 devices based in the US.
It makes its way into apps and replaces them with malicious versions without users’ knowledge. It uses the apps to show fraudulent adverts for the malware operator’s financial gain, but Check Point said it could be used for credential theft and eavesdropping.
Check Point has dubbed the malware “Agent Smith”. It originated from the third-party app store 9apps, owned by Chinese conglomerate Alibaba.
“The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own,” said Check Point Software Technologies head of mobile threat detection research Jonathan Shimonovich.
“Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like “Agent Smith”. In addition, users should only be downloading apps from trusted app stores to mitigate the risk of infection as third party app stores often lack the security measures required to block adware loaded apps.”
Check Point also said the malware had made its way onto the Google Play Store through 11 apps, which Google has since removed. It has also notified the relevant law enforcement authorities.