Do you see an ad pop up when you open Whatsapp? If yes, then you are hit by a new malware called ‘Agent Smith’.
Named ‘Agent Smith’, because of the methods it uses to attack a device and avoid detection, much like our agent from Matrix. This newly discovered Android malware replaces portions of apps with its own code. Till now, it has infected more than 25 million devices, with 15 million of them being Indians. This has been one of the worst attacks on Android operating system in recent memory.
The malware is known to only display advertisements and for now, it does not steal any data. It uses its broad access to the devices’ resources to show fraudulent ads for financial gain, but can be used for harmful purposes like banking credential theft.
According to the Israeli security firm, Check Point, the malware is disguised as a Google-related application and exploits known Android vulnerability. Without the users’ knowledge or interaction, it automatically replaces installed apps with malicious versions. The malware appears to be run by a Chinese company that claims to help developers publish their apps internationally.
"Agent Smith" malware has replaced Android apps’ code on 25 million devices https://t.co/QSkUgwXecM pic.twitter.com/tKoKg4wvNX
— The Verge (@verge) July 10, 2019
In general, the malware gets injected when a user downloads an app from Google Play Store or a third party app store like 9apps.com. The app installs the malware, masked as a legitimate Google updating tool. The installed app does not show off an icon on the screen.
Developers need to update their apps which evidently many of them have not done, in order to have added protections.