Agent Smith Malware Replaces Android Apps with Fake Apps

Agent Smith virus infected android phones across the world. It has so far infected millions of phones of which over 15 million (over 1.5 crores) are in India.

Agent Smith Malware

The virus, which serves ads on the infected phones, spreads through third-party app stores like 9Apps and once it is on a phone, it hides by changing its name to a regular-looking app like Google Updater.

Read Also What is Ransomware? | Types of Ransomware | Ransomware attack Prevention

The information has been revealed by Check Point, a company that makes security apps and often provides guidance on cybersecurity threats. “Disguised as a Google-related application, the malware exploits known Android vulnerabilities. It will automatically replace installed apps with malicious versions without users’ knowledge or interaction.

Dubbed Agent Smith, the malware currently uses its broad access to the devices’ resources to show fraudulent ads for financial gain. But could easily be used for far more intrusive and harmful purposes such as banking credential theft and eavesdropping,” noted Check Point.

Read Also Nvidia Hacked: Stole Company Data During Cyberattack

Agent Smith malware in Android phones

Agent Smith mostly spreads through third-party app stores. For example 9Apps. Google’s own Play store is regulated in a better way, something that makes it difficult — but not impossible — for malicious code or virus-like Agent Smith to spread on Android phones.

But third-party stores are often used by Indian Android users to download various apps or the modified versions of apps. Once the app has been installed on the phone, Agent Smith uses permissions given to it by users. Also, users often say yes to all permissions while installing an app — to modify its name to something that looks more “authentic” like Google Updater or Google Themes or something else with Google in it.