Agent Smith Virus Infects 25 Million Android Phones: Know How to Save Your Phone from This Risky VirusJuly 11, 2019 10:18
Agent Smith virus is taking over Android phones across the world with infecting more than 25 million phones thus far worldwide.
The app spreads through the third-party app stores like 9Apps and once it is on a phone, it hides by changing its name to a regular-seeming application of Google Updater. Agent Smith usually hides in sex-related apps, games, and photography apps.
The information has been revealed by Check Point, a company that makes security apps and often provides guidance on cybersecurity threats. "Disguised as a Google-related application, the malware exploits known Android vulnerabilities and automatically replaces installed apps with malicious versions without users' knowledge or interaction... Dubbed Agent Smith, the malware currently uses its broad access to the devices' resources to show fraudulent ads for financial gain, but could easily be used for far more intrusive and harmful purposes such as banking credential theft and eavesdropping," noted Check Point.
Among 25 million phones infected worldwide, 15 million phones are in India itself since most of the third-party stores are often used by Indian Android users to download various applications or the modified version of apps.
As soon as the app has been installed on the phone, Agent Smith uses permissions given to it by users - as users often say yes to all permissions while installing an app - to modify its name to something that looks more "authentic" like Google Updater or Google Themes or something else with Google in it.
At the same time, Agent Smith also starts injecting its code into the bits of other popular apps like WhatsApp and Flipkart. This code is then used to serve more ads to users.
Given the way it works, detecting Agent Smith is very difficult. "The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own," said Jonathan Shimonovich, Head of Mobile Threat Detection Research at Check Point Software Technologies. "Users should only be downloading apps from trusted app stores to mitigate the risk of infection as third-party app stores often lack the security measures required to block adware loaded apps."
How to Know If Your Phone Has Agent Smith or Infected with Virus?
Check Point says that it has informed Google about what it found on Agency Smith and that Google has cleaned the Play store to remove the apps that were infected with it. "So far, the primary victims are based in India though other Asian countries such as Pakistan and Bangladesh have also been impacted. Check Point has worked closely with Google and at the time of publishing, no malicious apps remain on the Play Store," the company notes.
But it is possible that your Android phone may have it. If you are getting too many ads on your phone, particularly sleazy or dubious ads, scan your phone with a good anti-virus app. Simultaneously, always follow good security practices. These are:
1. Don't download apps from third-party app stores like 9Apps. it's not worth it, even if you are getting an APK of a paid app for free. If it's free, do understand someone somewhere is benefiting from it. Always download apps from the official Google Play store.
2. If you suspect your phone is infected with Agent Smith, delete data of popular apps like WhatsApp and Flipkart by going into settings and reinstall these apps. Or rather do a factory reset.
3. Ideally, avoid sleazy apps or gaming apps from unknown sources.
4. While installing an app, carefully look at the permission it is asking for. Ideally, a gaming app should not ask for camera permission or photography app should not ask for network permission. Don't install an app if it seems suspicious.
By Sowmya Sangam