Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
25 Million Android Devices Infected by ‘Agent Smith’ Malware
#1
Quote:Malware researchers discovered a new malicious campaign for Android devices that replaces legitimate apps with tainted copies built to push advertisements or hijack valid ad events.

Around 25 million devices have already been infected with what researchers have dubbed "Agent Smith," after users installed an app from an unofficial Android store.

Untrusted app sources
Victims are lured with the promise of photo utility, game, or adult app that carries a malicious package. Once on the devices, the bait app decrypts and installs Agent Smith.

The malware tries to hide its presence by posing as a utility from Google - Google Updater, Google Update for U or “com.google.vending,” and by concealing its icon from the user.

In the next stage, the malware checks for apps on the device that are also on a list that is either hardcoded or received from the command and control server (C2).

When a match is found, Agent Smith extracts the base APK and ads a malicious ads module. Then it replaces the original package with the tampered one, with the user being none the wiser.

SOURCE: https://www.bleepingcomputer.com/news/se...h-malware/
[-] The following 2 users say Thank You to silversurfer for this post:
  • dinosaur07, harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Microsoft Edge fixes 0-day vulnerability...
Microsoft released...harlan4096 — 10:12
AnyDesk 8.0.9
AnyDesk 8.0.9:   ...harlan4096 — 10:10
AMD Confirms RDNA 3+ GPU Architecture F...
AMD Zen5-based Strix...harlan4096 — 10:08
Adobe Acrobat Reader DC 24.001.20629 (Op...
Adobe Acrobat Read...harlan4096 — 10:06
FastCopy 5.7.5
FastCopy 5.7.5: ...harlan4096 — 10:04

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>