

The mobile platform is ubiquitous — enabling users to make online transactions, run their everyday lives, or even use it in the workplace. It’s no surprise that fraudsters and cybercriminals would want to cash in on it.
This was recently exemplified by the Agent Smith campaign.
Agent Smith is the latest in a long line of malware campaigns designed to infect users’ mobile devices. It begins when embedded inside legitimate-looking applications like photo apps, gaming titles, and/or adult-themed software. Agent Smith was revealed to have compromised 25 million handsets across the globe including many in the U.S.
Once a user installs one of these apps, the malware will get to work, exploiting vulnerabilities in the Android operating system. It extracts a list of all the legitimate apps that the user has installed on their phone and then sets about replacing them with identical-looking but malicious versions. If a device gets infected with Agent Smith, it will then go on to hijack the apps to show unwanted ads – thereby generating the hackers' money.
Adware is just one of the ways attackers victimize unsuspecting users. Attackers are always looking for ways to get malware onto consumers’ devices, and may perform the following tactics:
As mobile devices become more and more necessary for everyday transactions, security should be the utmost priority for any mobile device owner.
Copyright © 2023 SCORE Association, SCORE.org
Funded, in part, through a Cooperative Agreement with the U.S. Small Business Administration. All opinions, and/or recommendations expressed herein are those of the author(s) and do not necessarily reflect the views of the SBA.