A mobile malware named 'Agent Smith', which replaces installed apps with malicious versions without users' knowledge, has infected 25 million Android devices globally, including 15 million in India, claimed Check Point Research.
Check Point Research is the threat intelligence arm of cyber security solutions provider Check Point Software.
"Check Point Research has discovered a new variant of mobile malware that has quietly infected around 25 million devices, including 15 million mobile devices in India," it said in a statement.
Check Point said it has worked closely with Google and that, at the time of publishing the report, no malicious apps remain on the Play Store.
Disguised as a Google-related application, the malware exploits known Android vulnerabilities and automatically replaces installed apps with malicious versions without users' knowledge or interaction, it added.
It said the malware mostly targeted Hindi-, Arabic-, Russian- and Indonesian-speaking users.
"So far, the primary victims are based in India though other Asian countries such as Pakistan and Bangladesh have also been impacted. There has also been a noticeable number of infected devices in the UK, Australia and the US," it added.
Check Point claimed that the malware - dubbed Agent Smith - currently uses its broad access to the devices' resources to show fraudulent ads for financial gain.
It warned that the malware could easily be used for "far more intrusive and harmful purposes such as banking credential theft and eavesdropping".
"The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own," Jonathan Shimonovich, Head of Mobile Threat Detection Research at Check Point Software Technologies, said.
Users should only download apps from trusted app stores to mitigate the risk of infection, as third-party app stores often lack the security measures required to block adware-loaded apps, he suggested.
(Edited by Rekha Balakrishnan)