One of the most annoying aspects of malware is its tendency to replicate and spread. This allows him to switch from one device to another – and sometimes even achieve the status of a full-fledged epidemic. And just like a real disease, once malware is in enough systems, it becomes even more difficult to stop.
Even worse than the fast-spreading malware, malware is moving silently. A recent security threat has compromised millions of Android devices across India without users even knowing it is hitting them. Behind the scenes, it copies itself discreetly and replaces secure applications with compromised versions. In addition, the threat has crossed the ocean – and has already begun to infect phones right here in the United States!
With so many victimized devices, security researchers around the world are encouraging users to stay safe and avoid online spaces where the virus is hiding. We will explain what this malware does and what you need to know to avoid any risk of confusion.
What is AgentSmith Malware?
Named after the famous digital villain of Hugo Weaving's The matrix series, AgentSmith malware contains a talent that perfectly matches his name – the ability to copy himself and replace existing programs.
When an Android phone is infected with AgentSmith, the malicious software runs secretly in the background, without the knowledge of the user. Behind the scenes, it replaces the collection of user applications with modified copies containing a number of malicious codes.
Some of these doppelganger apps will display ads that would not normally be present – revenue-generating ads and revenue for hackers behind AgentSmith. In addition, many modified apps contain code that prevents the phone from updating and deleting them for the benefit of their real counterparts.
At the time of writing these lines, security analysts have discovered that at least 25 million devices in India had been infected with AgentSmith. This is where the malware seems to come from, but it is no longer contained in India.
After further investigation, the researchers discovered that 300,000 devices had been infected in the United States alone, and that more and more occurrences were occurring in countries such as the United Kingdom and Australia.
The virus seems to have begun its journey in the 9Apps application repository, which acts as an unauthorized third-party application store for Android. The site is extremely popular and does not present applications under the same control as the Google Play Store (a terrifying prospect in itself).
How can I stop AgentSmith?
You do not have to be Neo to get away from AgentSmith. At the moment, the threat appears to be largely contained by 9App's offerings, although hackers have attempted to download infected software from the Google Play Store at least 11 times recently. The problematic apps were however captured and deleted by Google.
Until now, the best way to protect yourself is to avoid downloading software from unknown places that could be compromised by hackers. Although the Google Play Store has had problems with faulty software in the past, it's still the safest place to get apps for your Android gadgets.
In addition, it is supported by Google itself, which means that problems with specific applications can be reported and handled in case of malware infection.
If you're not sure if your device has been assigned by AgentSmith, the best thing to do is to look at the ads that appear in the apps you run. If you see an unusual number of spammed or pornographic ads in apps that would not otherwise, AgentSmith may be hidden on your device.
The best solution for this scenario is a complete restore of your Android phone software and an update of the latest version of Android.
The matrix may "have you", but AgentSmith will probably not do it as long as you stay in the well-lit corners of the Internet. Just be sure to watch for suspicious ads on your device. You never know what could be hiding under the surface.
How to tell if your phone or tablet is infected with a virus or malware
Previously, it was limited to desktops and laptops. But now, more than ever, mobile gadgets are targeted by viruses, Trojans, malware, spyware, ransomware and adware. Just about any type of "ware" that cybercriminals can think of. Android gadgets, in particular, are more vulnerable to this type of attacks.
Click here and I'll tell you what to look for.