amazon ad

15 Million Android Phones in India Are Infected with Agent Smith Virus That ' Hides Inside Whatsapp' : What is it ? , Should you worry ?

Agent Smith virus is spread through third-party app stores like 9Apps , Aptoide  a malicious virus is infesting Android phones by hiding itself in apps like WhatsApp. Over 25 Million phones have been infested by Agent Smith World Wide and out of this 15 Million(1.5 Crore) Android Phone's have been infested by the Virus in India Only.

25 million Android phones have been hit with this malware that replaces installed apps like WhatsApp with evil versions that serve up adverts and adware cybersecurity researchers warned Wednesday.Once it is on a phone, it hides itself by changing its name to a regular-looking app like Google Updater.

The information has been revealed by Check Point, a company that makes security apps and often provides guidance on cyber security threats. "Disguised as a Google-related application, the malware exploits known Android vulnerabilities and automatically replaces installed apps with malicious versions without users' knowledge or interaction. 

Dubbed Agent Smith, the malware currently uses its broad access to the devices' resources to show fraudulent ads for financial gain .The malware abuses previously-known weaknesses in the Android operating system, making updating to the latest, patched version of Google's operating system a priority said by the Checkpoint(Cyber Security Company )

The malware has spread via a third party app store 9apps , which is owned by China’s Alibaba, rather than the official Google Play store. Typically, such non-Google Play attacks focus on developing countries, making the hackers' success in the U.S. and the U.K. more remarkable, Check Point said.

But third-party stores are often used by Indian Android users to download various apps, or the modified versions , Cracked apps of apps. The Agent Smith usually hides in sex-related apps, games and photography apps. Once the app has been installed on the phone, the Agent Smith uses permissions given to it by users and users often say yes to all permissions while installing an app  to modify its name to something that looks more "authentic" like Google Updater or Google Themes or something else with Google in it.

At the same time, Agent Smith also starts injecting its code into the bits of other popular apps like WhatsApp and E-com Site such as  Flipkart. This code is then used to serve more ads to users.

Does Your Android Phone is Infected with Agent Smith or  Whatsapp is infected with it . How to Know ?

Checkpoint says that they have informed Google Regarding the Agent Smith and they have provided all the information they had on it to the Google. 
Google has cleaned the Play store to remove the apps that were infected with it. "So far, the primary victims are based in India though other Asian countries such as Pakistan and Bangladesh have also been impacted. Check Point has worked closely with Google and at the time of publishing, no malicious apps remain on the Play Store," the company notes.

How to Detect the Malware 

Don't download apps from third-party app stores like 9Apps. it's not worth it, even if you are getting a Apk of a paid app for free. If it's free, do understand someone somewhere is benefiting from it. Always download apps from the official Google Play store.

If there financial ads showing on your Android phone then you may be affected with malware 

Uninstall Any Suspicious Apps

If  you have downloaded any app from outside the Google PlayStore it may contain malware and adware so uninstall that app if you find it suspicious. And other apps, especially free apps from small developers, may contain adware. So if you see apps you don't need, uninstall them, just to be safe. 

To uninstall apps, head into Settings > Apps and Notifications > All Apps then click on the app in question. This should bring up its dedicated screen with an uninstall button, which might be enough to remove the malware.

If the uninstall button is grey than the app has gained the admin access. so to remove it follow the steps.In this case, head to Settings > Security & location > Advanced > Device admin apps, and check if any apps are in that list that shouldn’t have such deep access. If so, you can tap on the app to deactivate it, which should allow you to uninstall it from the Apps & notifications menu.



Post a Comment