At some point we seem to have become immune to the shock of large catastrophic events happening to our phone and devices. Sometimes it barely even registers as news.
This happens to be one of the times where it is registering as news but perhaps not as much as it should. A new malware, Agent Smith, has infected as many as 25 million Android devices, replacing installed apps with malicious versions of the same software without the user even knowing.
Agent Smith Poses as Installed Software
Security firm Check Point named the malware Agent Smith because of the crafty way it attacks devices without being detected. It has possibly infected up to 25 million devices.
Instead of stealing data from you, Agent Smith hacks the apps you already have installed on your Android phone or tablet and forces them to show more ads or will take credit for the existing ads to profit off them. According to Check Point, the malware looks for popular apps, such as WhatsApp, Opera Mini, etc., the replaces the code with its own code, preventing them from being updated.
Primarily, devices in India and its neighboring countries were infected by Agent Smith because it spread through a third-party app store popular in that area, hidden inside “barely functioning photo utility, games, or sex-related apps,” according to Check Point. After it’s downloaded, it shows up as being Google-related, then gets to work replacing code.
It also hit the United States, infecting more than 300,000 devices. There was an attempt by the malware’s operator to reach the Google Play Store, getting eleven apps with simpler code than the other version added. It was never activated there, though, and Google has since removed the infected apps.
Boris Cipot, senior security engineer at Synopsys Integrity Group, notes how easy it is to be infected. With downloading apps being a “five-second act,” he notes that “once you’ve confirmed the install, it’s too late to change your mind.”
Additionally, he explains that the spreading of malware through apps is a “widely accepted practice” because there is “access to many user interaction points” that can help an attacker spread the malware. “Since users often do not check details around what software is being used within the app and who created it, attackers have many opportunities to push their malware on user devices.”
Preventing Malware Attacks Through App Stores
Cipot suggests, “One way to remain vigilant against attacks is to only use app stores with strict application development policies and reviews. Be observant and cautious with regard to what you install on your mobile devices.
“Before confirming installation, have a look to see where the app comes from, if there are reliable sources reviewing the app, and investigate the default permissions.”
Were you hit by the Agent Smith malware? How do you plan to stay safe from it? Chime in to the comments below and let us know your experience.
