Home Articles All About the Agent Smith Virus

All About the Agent Smith Virus


Agent Smith virus has infected over 1.5 crore Android phones in India. Read on to know about this latest malware…

When you open WhatsApp on your Android smartphone — if an ad pops out, then you have fallen victim to Agent Smith virus. Check Point Research, the threat intelligence arm of Check Point Software Technologies has discovered a new variant of mobile malware. According to reports, Agent Smith virus has affected 25 million phones across the world and over 1.5 crore devices from India have been hit while in the US, the number has been pitched at 3 lakh.

The malware has been named ‘Agent Smith’ due to its ability to attack an Android device unnoticed. The malware only displays advertisements, disguises itself as a Google-related application, and automatically replaces installed apps with malicious versions without dropping hints to android device users.

Disguised as a Google-related application, the Agent Smith virus exploits known Android vulnerabilities and automatically replaces installed apps with malicious versions without users’ knowledge or interaction.

Operation Mechanism
As per the information provided by Check Point, an Israeli security firm, the Agent Smith malware spreads via third-party app stores namely 9Apps. Most of the Indian Android based smartphone users use the third-party app stores to download modified versions of apps. It is through these the malware injects itself into the smartphones. According to reports, the malware primarily hides in adult related, games and photography apps. Popular apps such as WhatsApp, Flipkart, Opera Mini have also not been spared as the malware has injected its code into these too. A user affected by the Agent Smith virus sees more ads on their smartphones.

The Agent Smith virus attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own,” said Jonathan Shimonovich, Head of Mobile Threat Detection Research at Check Point Software Technologies.

The Agent Smith virus currently uses its broad access to the devices’ resources to show fraudulent ads for financial gain, but could easily be used for far more intrusive and harmful purposes such as banking credential theft and eavesdropping. This activity resembles previous malware campaigns such as Gooligan, Hummingbad and CopyCat.

Detection Challenges
What is posing a challenge is detecting Agent Smith on an affected smartphone. Mobile phone security experts are of the view that common Android users cannot detect the virus threat on their own. However, in a warning, security experts say that users must download from trusted apps that reduce the risk of such viruses spreading on phones. Apps like 9apps lack security measures and fail to block adware.

Further, Google has been informed about the malware. Following which, the company has removed apps that were affected by it. “So far, the primary victims are based in India though other Asian countries such as Pakistan and Bangladesh have also been impacted. Check Point has worked closely with Google and at the time of publishing, no malicious apps remain on the Play Store,” India Today quotes Google as saying.

Android users are advised against using third-party app stores like 9Apps. If they feel that their phone has been affected by the malware, users must delete data of popular apps by going into settings and later, reinstalling them. They may also resort to doing a factory reset.


Please enter your comment!
Please enter your name here

19 − = 13