"Agent Smith:" The New Virus to Hit Mobile Devices (Jul 10, 2019)
Researchers at Check Point have identified a new mobile malware that has infected around 25 million devices. Mainly targeting users in Asian countries such as India and Bangladesh, the malware uses fraudulent adverts for financial gain. In order to deliver the malware on the mobile device, a user typically downloads a dropper disguised as a free game, that checks for applications on the device such as “MXplayer”, “Sharelt”, and “WhatsApp” which will be attacked at a later date. Using system vulnerabilities, the malware is installed unaware to the user, extracting an existing applications’ APK (Android Package file) and replacing it with malicious modules.
Recommendation: Users should exercise caution when downloading third party applications as they can lack necessary security measures. For users to remove the malware, under “Apps” select the suspected app and uninstall it.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.