Check Point for cyber security has revealed that there is a new malware targeting the Android operating system that uses new attack methods and avoids detection.
Malware agent Agent Smith uses known vulnerabilities in the Android system to replace apps that are installed on the device with malicious versions without having to interfere with users, said Arab Technologies.
The software is primarily aimed at devices in India and other Asian countries like Pakistan and Bangladesh and has suddenly hit around 25 million Android devices.
Programs use financial profits from malicious ads, but given its ability to emulate popular Android apps, researchers warn of the numerous possibilities of this type of malware to harm the user's device.
The infected apps, most of them, were distributed by a Chinese group claiming to help developers implement their applications abroad on external platforms like 9Apps.
The software was able to copy common phone applications, including WattsApp and the Opera Web browser, by injecting its own malicious code and replacing the original malware version with vulnerability in the way Google Apps was updated.
Once a user removes the infected software, they hide as a Google-related app called Google Update, then initiates the process of replacing the code and prevents the update of the original application that has hidden malware from users.
It looks like the malware developer has also tried to expand into the Google Play store by penetrating 11 apps that include code for a simpler version of malware.