Yesterday, July 10, cyber security agencies issued a warning about a malware called Agent Smith that is affecting about 25 million Android phones.
This malware can take advantage of Android OS weaknesses to launch attacks. Once installed, it will use malicious versions of ads pre-installed to replace applications like Whatsapp.
Agent Smith spreads through the third-party application store 9apps.com, owned by Alibaba Group (China), not from Google Play. Most victims of this malware are located in India with 15 million affected. In the US, 300,000 Android smartphones are infected and 137,000 in the UK.
According to security researchers, Agent Smith could not control the harmful ability because it runs in the background and does not appear on the phone interface.
A typical attack works like this: When a user accidentally downloads and installs an application that contains a virus, it can be an image editing utility, a game, or an adult application. The app silently installs malware, then disguised as an official Google update tool. It is difficult for users to detect anomalies because no icons appear on the Android interface. Fake apps will then replace legitimate apps for hackers to spread ads. When users accidentally click on the ads, hackers will receive money.
Israeli security firm Check Point said that Agent Smith was developed by an anonymous Chinese company based in Guangzhou to help Android app developers in this country promote their products on overseas platform.
Researchers have warned Google, Alibaba and related agencies but have yet to receive a response.
How to detect malicious Agent Smith
Aviran Hazum, chief of analysis and feedback at Check Point, said Android users should detect ads appearing at odd times, such as when opening WhatsApp, be careful and perform the following actions. here:
Access to the settings -> Select Applications and notifications -> go to the Application information list and check. If there are suspicious applications like Google Installer for U, Google Powers, Google Updater and Google Installer, uninstall them now.
- Detects 238 apps on the Play Store that contain malware that paralyzes smartphones