If the threat of malware wasn’t already concerning, a new software virus has grabbed the attention of the world for it’s nefarious and stealthy nature. The Agent Smith virus has recently infected a total of 25 million Android smartphones, mostly in India and other neighboring countries.
Named after the villain from the popular Matrix film series, Agent Smith deviates from the usual methods of stealing data, bank statements or sensitive information from your device.
Largely due to the vulnerabilities in Android devices, the virus is disguised as a common phone app which can be obtained from the phone’s app store. Agent Smith replaces downloadable apps with a corrupt version and forces it to display more ads which the virus’ operator then uses to financially profit from the views.
Android has a history of flaws in its software which makes it easy for cybercriminals to hacks apps. One such flaw called Janus rendered Android devices from versions 5.1.1 to 8.0 vulnerable to cyber-attacks; these versions made up 74% at the time this flaw was found in 2017.
The Janus flaw allowed hackers to access apps and corrupt them with DEX (Dalvik Executable) file. This file allows hackers to corrupt apps even if they haven’t been downloaded yet without changing the app’s signature verification certificate. This flaw allowed any app to be targetted by hackers; once an app has been corrupted, the operator obtains the privileges that the app allows, giving way to the theft of sensitive information stored on your device.
What Does Agent Smith Do?
Besides fraudulent profiting, the Agent Smith virus can also be used as a means of hacking bank statements and eavesdropping on unsuspected victims. According to Check Point, a software security agency, the Agent Smith virus makes it difficult for everyday users to combat on their own because of its sly nature, people don’t know they’re being hacked.
Jonathan Shimonovich, Head of Mobile Threat Detection Research at Check Point, says “Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like “Agent Smith.”
Shimonovich also suggests that smartphone users should only download applications from trusted application stores like Apple’s AppStore and GooglePlay; he says avoiding third party application stores is one of the best means of preventing malware from infecting your devices because they don’t employ or have the means of filtering corrupted applications.
Check Point believes that the Agent Smith virus originated from a Chinese internet firm that helps Chinese Android app developers publish their apps on foreign markets and target their audience. A third-party app store called 9Apps helped distribute the malware to multiple countries including Pakistan, Bangladesh, India, and Russia.
The Agent Smith virus has also infected mobile devices and software systems in the west and Australia, with more than 300,000 in the United States, and more than 130,000 in the United Kingdom.
How To Tell You’ve Been Infected
It’s not that hard to tell if you’ve been infected or not. A common sign which indicates that you’ve been infected is seeing an excessive amount of ads popping up when using your apps. Since these apps are now corrupted, they’re very hard to exit or even impossible.
Where Does The Malware Come From?
This new incident of cyber-corruption accentuates not only what you should avoid but where you should avoid going pertaining to malware. Third-party app stores aren’t corrupt locations but your chances of getting malware are higher when using these sources.
Third-party app stores are digital stores that are run by people who are not part of an incorporated manufacturer. Yet, ironically, the majority of applications that are available on the two biggest app stores, Apple’s AppStore and GooglePlay, are third-party applications.
A third-party app is created by a private business or individual; Apple and Google make their own apps, which are known as native apps, but in order for a private developer to sell or distribute his project on one of these company’s platforms they have to abide by stipulations of development.
This is to prevent any malicious apps from being distributed. Third-party app stores don’t have such strict developmental regulations; you may still be able to download safe applications, but your chances of downloading malware increases, respectively.
The GooglePlay and the Apple AppStore aren’t accessible in most countries so many people have to rely on third-party stores to download their apps. Third-party app stores are unrestricted, meaning developers retain control over their applications and distribution to their target audience.
Malware can infect your devices from multiple means; it’s important that you understand these different methods to keep your data and finances safe from corrupt hands.
It’s hard to tell if your device has been corrupted; if the signs mentioned above persist you should immediately contact a malware or anti-virus company who’ll help you resolve the issue.