Recently researchers from Check Point discovered a new variant of mobile malware that infected around 25 million devices. In early 2019, the Check Point Research team observed a surge of Android malware attack attempts against users in India which had strong characteristics of Janus vulnerability abuse, In this post,we take look at the key points and precautions to be taken against “Agent Smith” malware.
Quick Snapshot
“Agent Smith” gets the fresh list of applications to search for, or if that fails, it would use below default app list:
For each application on the list, “Agent Smith” infects the application using any of the available methods.After all of the required changes, “Agent Smith” compiles the application and builds a DEX file (executable file that contains compiled code for Android platform) containing both the original code of the original application + malicious payload.
Finally “Agent Smith” builds another APK file apart from the original APK file using Janus vulnerability:
“Agent Smith” would then replace the original application’s activities with an in-house SDK’s activity, which will show the ad banner received from the server.
The “Agent Smith” campaign is primarily targeted at Indian users, who represent 59% of the impacted population.
Check Point Research reported these dangerous apps to Google. Currently, all bespoke apps have been taken down from the Google Play store.
Like this post? Don’t forget to share it!
In the modern business landscape, marked by its fast-paced and globally interconnected nature, a robust…
The launch of VisionPro and the ongoing buzz of the Metaverse smart-glass launch are paving…
Writing software backed by artificial intelligence can create everything from emails to blog articles. AI…
In today's interconnected digital realm, cybersecurity stands as a paramount concern for organizations, irrespective of…
The cryptocurrency market is famed for its volatility, presenting each opportunity and demanding situations for…
Games since time immemorial have been winning at captivating the users and teleporting them onto…
This website uses cookies.