Dubbed Agent Smith, the malware replaces popular apps with fake ones and tricks the users, serving them advertisements according to cybersecurity researchers. Most of the victims are in India with more than 15 million users at risk from the malware if they don’t update their phones to the patched version of Android as quickly as possible.
The malware spread via a third-party app store called 9apps.com which is owned by Alibaba and based on that, the majority of the users who are at risk from this malware are outside of the U.S and Europe. So if a user downloads an app from that particular store, the malicious app will download itself in the background disguised as an update tool for the app which the user installed in question. Unknown to the user, the app can hide itself from coming up in the launcher or anywhere else on the phone.
The malware was found by an Israeli security group called Check Point and they have informed Google. The patch has been rolled out so if anyone of you has been using that app store to download any apps, should download the patch straight away. The malware itself isn’t limited to just serving ads, it can be exploited by hackers to do much more on your phone, as noted by Check Point researchers.