'Agent Smith' 악성 코드에 감염된 2,500 만 개 이상의 Android 기기

ment 7/11 '19 posted (7/11 '19 edited) 뉴스 IT

• 파키스탄과 방글라데시와 같은 다른 아시아 국가들도 영향을 받고 있지만 주요 목표는 현재 인도에있습니다.

• 우리의 정보에 따르면, "Agent Smith"드롭퍼는 주로 인도 (힌디어), 아랍어 및 인도네시아 사용자를 대상으로하는 타사 앱 스토어 "9Apps"를 통해 확산됩니다.

• '스미스 에이전트 (Agent Smith)'라는 코드는 겉모습뿐인 앱을 통해 기기로 전달한 다음 Google 관련 애플리케이션으로 위장합니다.

• 1 천 5 백만 건이 넘는 감염이 인도에서 발생한 것이지만, 미국 내 약 30 만 대의 장치에도 악성 코드가 설치되어 있다고합니다.

• "드롭퍼 앱은 희생자가 자발적으로 설치하도록 유도합니다."라고 Check Point는 말했습니다.

• 연구원에 따르면 중국에서 유래된 것으로 보인 악의적인 행위자는 Google Play 스토어에 사업 확장을 시도하고 11개 프로그램을 개작된 버전의 악성 코드에 감염시키는 데 성공했습니다.

• 사용되는 방법은 Gooligan, Hummingbad, CopyCat 같은 다른 악성 코드와 유사합니다.

New Android malware replaces legitimate apps with ad-infested doppelgangers [www.zdnet.com]

Games Are Biggest Earners Among the 30 Billion Apps Downloaded in Q2 [www.digitaltrends.com]

25 Million Infected Devices: Check Point Research Discovers New Variant of Mobile Malware [www.checkpoint.com]

More than 25 million Android devices infected with 'Agent Smith' malware [www.techspot.com]

'Agent Smith' malware replaces legit Android apps with fake ones on 25 million devices [thenextweb.com]

25 Million Android Devices Infected by ‘Agent Smith’ Malware [www.bleepingcomputer.com]

‘Agent Smith’ malware has replaced Android apps’ code on 25 million devices [www.theverge.com]

newest replies popular replies

Open Wiki - Feel free to edit it. -

7/11 '19 answered

New "Agent Smith" Android malware replaces legitimate apps with ad-infested doppelgangershttps://t.co/K26lPNhNzJ pic.twitter.com/ndJPJwRBF5
— Catalin Cimpanu (@campuscodi) July 10, 2019

New Android malware replaces legitimate apps with ad-infested doppelgangers https://t.co/He108fov9l by @campuscodi
— ZDNet (@ZDNet) July 10, 2019

Agent Smith: A New Species of Mobile Malware - Check Point Research https://t.co/J0DRtPsoda
2,500万台に感染しているが被害者は全く気付いていないようで、使われている手法含めてなかなか読み応えのある記事ですね
— Neutral8✗9eR (@0x009AD6_810) July 10, 2019

Agent Smith (not Schmitt!!!): A New Species of Mobile Malware https://t.co/y9HZXnaqqv #InfoSec #Malware #Android #MobileSecurity
— Mr. Schmitt (@Partikelchen) July 10, 2019

Agent Smith, using Janus vuln to bypass APK integrity checks to drop adware. Adware often has full control of the system, it's like breaking into your house, and once inside and with full control, they decide to just drop an advert in your dining table.https://t.co/JcBYWLtX3z
— Danux Mitnick (@Danuxx) July 10, 2019

Check Point discovered a new variant of #mobilemalware that has quietly infected around 25 million devices, including 15 million mobile devices in India. #AgentSmith malware exploits known #Android vulnerabilities. https://t.co/88VsTxshFT pic.twitter.com/GvCmNpnZ8F
— Check Point Software (@CheckPointSW) July 10, 2019

'Agent Smith' malware replaces legit Android apps with fake ones on 25 million devices https://t.co/NWzTBJw61D
— TNW (@thenextweb) July 10, 2019

25 Million Android Devices Infected by ‘Agent Smith’ Malware https://t.co/fVhpPS23Ab
— Nicolas Krassas (@Dinosn) July 10, 2019

25 Million #Android devices infected by ‘Agent Smith’ #malware https://t.co/dk5XkImP6d
— Avira (@Avira) July 10, 2019

‘Agent Smith’ malware has replaced Android apps’ code on 25 million devices.

What a coincidence @Censelio @MattyLL https://t.co/UGxycnHxWk pic.twitter.com/hcvswefOgZ
— FJ Newman (@fj_newman) July 11, 2019

‘Agent Smith’ malware has replaced Android apps’ code on 25 million devices - The Verge https://t.co/5FVI35UZh3
— root (@rootsecdev) July 10, 2019

"Agent Smith" malware has replaced Android apps’ code on 25 million devices https://t.co/QSkUgwXecM pic.twitter.com/tKoKg4wvNX
— The Verge (@verge) July 10, 2019

"Agent Smith" malware has replaced Android apps’ code on 25 million devices https://t.co/w6vDMtSLqx
— Paolo Passeri (@paulsparrows) July 10, 2019

インドを中心にAndroidデバイスに広がっているマルウェアの名前が「エージェント・スミス」

アプリの一部分を書き換えて自分自身を増殖させていく様子がマトリックス・リローデッドでのスミスに似てるから

古い脆弱性だけどアプリの側で対応しないと防げないのでやっかい https://t.co/GRoyfRhOWy
— 堀正岳（めほり）@「知的生活の設計」 (@mehori) July 10, 2019

permanent link

Open Wiki - Feel free to edit it. -

7/11 '19 answered

'Agent Smith' 악성 코드에 감염된 2,500 만 개 이상의 Android 기기 https://t.co/K50cPB0i6U
• '스미스 에이전트 (Agent Smith)'라는 코드는 겉모습뿐인 앱을 통해 기기로 전달한 다음 Google 관련 애플리케이션으로 위장합니다.
— editoy (@editoy) July 11, 2019

New Android malware replaces legitimate apps with ad-infested doppelgangers https://t.co/k3oWr0wjFH via @ZDNet & @campuscodi
— Larry Dignan (@ldignan) July 11, 2019

Agent Smith #Android malware
- Uses Janus vuln to modify apps without altering their MD5 hash
- 25M users infected
- Sample : b4799ebc4c01d9f88c4a18c9b7ed052b3f0f7ec7be3508542c104de5a1a6e505https://t.co/rr97LkwNV5 by @_CPResearch_ pic.twitter.com/1SnocGGgE4
— Nikolaos Chrysaidos (@virqdroid) July 11, 2019

How cool was #AgentSmith in The Matrix? Pretty Cool!! However, not so cool as the latest species of mobile #malware to plague the @Android platform in India, Pakistan & Bangladesh, infecting an estimated 25 million devices so far. #TheMoreYouKnow https://t.co/ZFdlaRKBHn pic.twitter.com/GzQRToqGIW
— Adam Gordon (@Adam_ITProTV) July 11, 2019

'Agent Smith' malware replaces legit Android apps with fake ones on 25 million devices https://t.co/J2geKNzLFL
— TNW (@thenextweb) July 11, 2019

'Agent Smith' malware replaces legit Android apps with fake ones on 25 million devices https://t.co/9A5u1D0Xc2
— TNW (@thenextweb) July 11, 2019

25 Million #Android Devices Infected by ‘Agent Smith’ #Malware #infosec https://t.co/xikgobAxOA pic.twitter.com/TBOcZAQcvg
— TEAM CYMRU (@teamcymru) July 11, 2019

"Agent Smith" malware has replaced Android apps’ code on 25 million devices https://t.co/QSkUgwXecM pic.twitter.com/oddMe4ccXQ
— The Verge (@verge) July 11, 2019

25million #Android devices have been infected with the #AgentSmith #Malware. Here's who's at risk: https://t.co/llciuHBeew pic.twitter.com/jtenyqiWjG
— Identity Experts (@IdentityExperts) July 11, 2019

permanent link

Featured

Important Notice: Discontinuation of Our Wiki Service

Dear Valued Users,

We hope this message finds you well. We are writing to inform you of an important upcoming change to our services. After careful consideration and analysis, we have made the difficult decision to discontinue our wiki site, effective one month from 2024/04/30.

This was not an easy decision to make, as we understand the importance of the resources and community that have been built around our wiki. However, due to evolving market conditions and strategic realignments, we must redirect our resources and efforts towards other ventures that will allow us to serve you better in the future.

What This Means for You:

Access to Content: You will continue to have full access to all content on the wiki until the discontinuation date. We encourage you to save or migrate any content you wish to retain.
Final Date of Service: The wiki will become inaccessible starting 1st June 2024, after which all content will be permanently removed.

We are immensely grateful for the support and contributions of our user community throughout the years. The wiki is being retired, but our team will be back soon with new services and apps.

Thank you for being a part of our journey.

Warm regards,

editoy Inc.

Related

Featured