wordpress blog stats
Connect with us

Hi, what are you looking for?

, , ,

Android malware infects 15 million devices in India

A newly discovered piece of Android malware which replaces portions of app code with its own code has quietly infected more than 25 million – of which 15 million devices are in India. Disguised as a Google-related app, the malware “exploits known Android vulnerabilities and automatically replaces apps with malicious versions without the users’ interaction or knowledge.” The primary victims are Indians, and also Pakistan and Bangladesh. The malware was downloaded from 9Apps – a third-party app store backed by UC Web – and targeted mostly Hindi, Arabic, Russian, and Indonesian speaking users. Dubbed “Agent Smith”, the malware seems to mainly India users, says Counter Point. It’s worth noting that one of UC Web’s popular products in UC Browser, and it has a strong presence in India, China, and Indonesia.

The malware was being used for financial gain via malicious ads, but could be used for more intrusive and harmful purposes such as banking credential theft, said Check Point. The malware is hidden inside “barely functioning photo utility, games, and sex related apps”. The majority of these apps are games, and others are related to adult entertainment, media players, photo utilities, and system utilities. After it was downloaded, the malware would disguise itself as “Google Updater” and with the icon hidden. The malware also tries to look for popular apps like WhatsApp, Lenovo AnyShare, SHAREitJio Play, Jio Chat, Jio Join, Opera Mini, Hotstar, Flipkart, Xender, Truecaller, among others, and then replaces portions of their code and prevents them from being updated automatically.

Among smartphone brands, Samsung saw the largest infections – making up for 26% of infections. This was followed by Xiaomi, Vivo, itel, Micromax, and others. The infections were mainly reported on devices running Android 5 and 6, with most infections lasting for a period of at least two months.

Infected apps found on Google Play Store as well

In the recent months, Check Point has also discovered 11 infected apps on the Google Play Store that contained malicious but dormant components used in Agent Smith. According to the researchers, this suggests that the hackers are beginning to use Google’s own app distribution platform to spread adware. Google has since taken down the apps after Check Point reported their findings.

Advertisement. Scroll to continue reading.
Written By

I cover health, policy issues such as intermediary liability, data governance, internet shutdowns, and more. Hit me up for tips.

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ