‘Agent Smith’ Malware Has Infected 25 Million Android Phones: Report

A new variant of Android malware has quietly infected over 25 million devices across the world, while users are completely unaware.

Researchers at security firm Check Point have discovered a new type of malware called “Agent Smith”. Disguised as a Google App, the core part of the malware exploits various vulnerabilities and automatically replaces apps on your device with malicious fake versions.

It is believed that the ‘Agent Smith’ malware originated from China via an internet firm that helps Chinese Android app developers localize and publish their apps in foreign markets. It spread through a third-party app store called 9Apps which is popular in Asian countries.

How it Works

The apps that the malware tinkered with include WhatsApp, Opera Mini, Flipkart, etc. It detects which apps are installed, patches them with malicious ads and re-installs them on the device, making it look like its only updating. Once the “update” is complete the owner of the malware can then profit from the newly included ads.

In this case, Agent Smith is only being used for financial gain through malicious ads. However, Check Point believes that it can easily be used for more harmful purposes such as credit card theft.

Check Point has reported the issue to Google and law enforcement for further investigation, and at the time of writing, no malicious apps remain on the Play Store.

Need for a Security Solution

This is another example of why users should have a capable anti-virus installed on their phone to protect themselves.

Check Point says that malware like this, “requires attention and action from system developers, device manufacturers, app developers, and users, so that vulnerability fixes are patched, distributed, adopted and installed in time.”

If you’re looking for more details on “Agent Smith”, you can check out the full report here.