Called Agent Smith, this malware has already infected 25 million Android devices globally with adware. It originated from the third-party app store 9apps, owned by Chinese conglomerate Alibaba. Reportedly, once a user downloads the affected apps, the malware disguises itself as a Google-related app, with a name like "Google Updater", and then begins the process of replacing code on legitimate apps on the device. "However, apps can circumvent the permission model and gain access to protected data without user consent by using both covert and side channels", wrote the researchers in a sprawling report. The malware quietly replaces the original install apps with infected versions - without users' knowledge or consent.
Apps that were modified include WhatsApp, Opera Mini, Flipkart, as well as software from Lenovo and Swiftkey. Google has now announced that they will fix this issue in the upcoming Android Q update which will be released later this year.
The infections also seem to be targeting Android devices used by Indian, Indonesian and Arabic users, but Check Point's cyber boffins did note some 300,000 devices in the U.S. were affected, so the malware doesn't appear constrained by borders.
Check Point also said the malware had made its way onto the Google Play Store through 11 apps, which Google has since removed. That Agent Smith has primarily infecting Android devices in the Asian subcontinent is reflective of both older unsupported Android versions and low-cost Android device manufacturers that don't provide security updates. The relevant apps have used detours in a code that collects personal data such as Wi-Fi connections and metadata in photos.
Ocasio-Cortez feud with Pelosi tests Democratic Party heading into 2020
Rightwing rabble-rousers are now taking that ruling and using it to challenge Democrats such as Ocasio-Cortez. Still, four first-term House Democratic women with high profiles - Tlaib, Ocasio-Cortez, Rep.
Malware that replaces victims' legitimate apps with a malicious doppelganger has infected 25 million devices across India and the USA say security researchers.
These apps are similar to the ones they replace, only with portions of their code changed to prevent them from being updated.
The study published on the FTC website cited 153 apps, including Samsung's Health and Browser apps, which collected certain data without permission.