Android is facing a severe threat and is creating havoc everywhere. A Malware code named “Agent Smith” is spreading like a wildfire effecting every mobile in its way. The worst part about Agent Smith is that, many people don’t even know if they are affected by it. This malware has the capability to lurk around your device without your notice and detecting it is a tricky job which makes this virus more powerful and quite annoying.
Who’s Agent Smith? How’s It Originated?
Agent Smith is a very fast spreading virus that harms your smartphones by controlling the apps installed in it. You can’t recognize it, but, if you are getting a huge amount of ads on opening the apps like WhatsApp, Messenger and other apps which do not actually serve ads at all then there might be a great chance of having it in your phone. This new malware Agent Smith has likely affected about 25 million phones worldwide. Asiatic countries like India, Malaysia and Indonesia and many other countries affected due to it. It is entering into the device as a Google-related application and it exploits android vulnerabilities and then replaces the installed apps on your phone with the malicious codes. These codes in turn display a large amount of pop-up ads on your phone. It was said to be originated from third party app-store 9Apps.
According to some reports, it’s is not a dangerous virus, it is said to be deteriorating the performance of your phone and annoys you with a massive amount of ads while browsing through the Internet.
Agent Smith Attacking Phases
- In the first phase, the attacker persuades users to download a dropper application from an app store. That includes apps such as 9Apps (A Play Store like app which is used to download cracked versions of software. These droppers applications have Agent Smith type malware disguised as free games, free applications and downloads, deals and coupon apps, and some adult entertainment applications. Once the app is installed on your phone it will check for the popular apps installed in your phone, apps such as WhatsApp, MX player, Messenger, File Explorer, ShareIt and more from the attacker’s pre-determined list. If it found any of those applications, “Agent Smith will then attack those applications by inserting malicious code into it.
- In the second phase, after the dropper gains a foothold on the victim’s device, it automatically, then decrypts the malicious payload into its original form an APK file which serves as the core part of “Agent Smith’s attack. The dropper, then abuses several known system vulnerabilities to install the core malware even sometimes without any user interaction at all. As it possess the control of your phone, it will give permission to your storage and every other thing without your consent.
- In the third phase, the core malware installed in those apps will do the task the attacker wanted to. Showing ads everywhere, Auto-Clicking them and many other things. In simple words, it annoys you.
How To Detect It
- Getting more Ads in your phone than usual is a strong sign of Agent Smith in your phone.
- If some of the trusted apps like Facebook, Whats App, Twitter or any other apps misbehave and drains your battery unnecessarily, then chances are there for you to recheck your phone.
- Go to Playstore and click on the Play-Protect option and check if any apps are flagged as harmful. Play-Protect scan every app installed on your phone.
- Check the performance aspects of your phone and that includes Battery life, Booting Speeds, App openings and Multitasking abilities. If you found anything wrong, then you might be having something lurking in your device.
How To Remove It
If you want to remove this annoying malware from your phone, all you need to do is follow these steps.
- Backup your things (Videos, Images, Contacts, Documents) in your phone leaving the installed apps. I repeat, don’t try to save any any app files (APK) on your laptop or google drive.
- Once you have backed up everything, Go to Settings > System and click on the Reset option. If your phone has got the search feature in settings, then use it to find the reset option.
- Click on reset and do a full reset and that deletes everything in your phone and that include the traces of Agent Smith as well.
- Now copy the things that you backed up previously, only after scanning those files with an antivirus installed in your computer. This will reduce the risk of getting it back.
How To Protect
In order to protect yourself against malware like these all you have to do is
- Download the applications only from a trusted application, basically from Google Play Store only.
- Don’t trust and depend too much on third party app vendors (9Apps App store, VShare, Apptoide).
- Remove the apps that are flagged as harmful by Play Protect immediately.
- Don’t give unnecessary permissions to the third party installed apps. I mean, Why does a torch light like application need storage permission.If any app is asking unnecessary permissions outside its usage, don’t give it.
Discussion about this post