Security researchers have discovered a new version of mobile malware called Agent Smith, which has affected more than 25 million Android devices.

New Malware named Agent Smith Infected 25 Million Android Devices


Under the application of a wizard affiliated with Google, criminals will list the known Android vulnerabilities that will automatically replace the installed application with malicious versions.

New Malware named Agent Smith Infected 25 Million Android Devices


The researchers found security researchers at Check Point and sought to make a profit by exposing fraudulent citizens.

There are at least three stages of toxicity

In the first stages, the hacker urges users to download a dedicated application that has been taught to be free games, service apps, and adult entertainment apps.

The original Edition has the Feng Shui Bundle in its store in the form of encrypted product files.

New Malware named Agent Smith Infected 25 Million Android Devices

In the second step, the server automatically converts and integrates its own virtual reality, using multiple vulnerabilities of non-user-connected systems.

In the third step, the main project starts with each application in the list of goals, you simply release the APK of the application and correct it and any other errors.

The computer system replaces the actual drive as if it were an upgrade.

According to the researchers, users were tempted to remove Agent Smith malware from a third-party app store used by 9Apps, backed by a UC team focused on Indian (Arabic), Arabic, Russian users and Indonesia.

The following cycle is made up of computers:



  • forklift
  • parents
  • you know
  • tray
  • AdSDK
  • Definition


New Malware named Agent Smith Infected 25 Million Android Devices

Mediation structure

According to the analysis, it is estimated that there are more than 2.8 billion perishables, almost 25 million unique devices.

The campaign received Android hackers from India with 59% death rates in other Asian countries such as Pakistan, Bangladesh, Indonesia and Nepal.

New Malware named Agent Smith Infected 25 Million Android Devices

The map is hot

The damage was also inflicted on many equipment in the US (300,000 equipment), Saudi Arabia (245,000 equipment), Australia (141,000 equipment) and the United Kingdom (137,000 equipment).

Researchers also said that they found that 11 tabs on the Google Play Store were in bad shape but not active.

"Because of this malicious mechanism of death that replaces current applications for tools and the harmful effects of these applications, users are reminded that the requests from the relevant application stores should be heard to reduce the risk."