WhatsApp infects millions of Android phones with malware

WhatsApp infects millions of Android phones with malware

According to the research team at Check Point, it is believed that a malware, which was monikered as Agent Smith by researchers at the security firm is said to have infected 25 Million Android phones all over. According to the researchers, the bad actors, who appear to originate from China, tried to expand operations into the Google Play Store and successfully planted 11 programs infected with an altered version of the malware.

Agent Smith specifically hunts for popular apps like WhatsApp. This is interesting as the malware is believed to be spreading from 9apps.com, which is a 3rd-party app store owned by Alibaba. The report says that about 1.5 million Android devices in India are affected by this malware. If it has seen apps that are on its list, it will quietly extract the app's APK, modify it with malicious code, and then install that infected copy to replace the original clean one. First, it can lure mobile users to download a dropper app that may be disguised as a free game, utility app, or something adult entertainment apps. Once the update is complete, the owner of the malware can then profit from the newly included ads.

These have all now been removed, but the researchers urged greater use of on-device threat prevention and "attention and action from system developers, device manufacturers, app developers, and users, so that vulnerability fixes are patched, distributed, adopted and installed in time".

Imagine an Android malware called Agent Smith.

More news: France levies 3 percent tax on major tech firms

Researchers have found more than 1,000 Android apps that skirt around data protection restrictions that "protect" consumer privacy, collecting data even when users deny permission to the app to access their information. OneDrive, for example, already recommends Word, PowerPoint, or Excel if a user opens a related file from it and doesn't already have any one of these apps installed.

Users should only download apps from trusted app stores to mitigate the risk of infection as third-party app stores often lack the security measures required to block adware loaded apps, he suggested.

Second way: To collect data using the second app: Some apps collect information without permissions using other programs that are based on similar software development kits.

While you explicitly inform an Android app, "No, you don't have permission to trace my cellphone", you most likely expect that it gained talents that let it do that.

Related Articles