Agent Smith, a newly developed malware that quietly infected about 25 million devices, India being a primary target along with other Asian countries. Agent Smith keeps the user unaware while spreading itself, more than 2.8 billion infections are reported in total. Let us dive more into this scenario.
What exactly is Agent Smith?
Agent Smith is a malware that takes benefit of various known
Android vulnerabilities and automatically replaces installed apps on the device
with malicious versions of the same apps differently coded to show a lot more ads. This whole process is undertaken without any user interference which is the main reason for the escalation of this malware. The replaced app doesn’t steal information. Instead, apps replaced display a huge number of advertisements or steal credit from the device to pay for adverts already served.
Agent
Smith is being used for financial gain through the use of malicious
advertisements.
What it does and how?
Agent Smith is nothing but a type of application that has the ability to hide its icon from the launcher and mimic as any popular existing app on a device. It can also mimic at a level where it claims to be Google related updaters or a related product. Now that it is hidden and cannot be found out easily, it proceeds to infect and replace the apps with a malicious version which forces the user to watch endless advertisements.
“Agent Smith” infection has three
main phases:
- A dummy app lures the victim to install itself voluntarily. Dummy app variants are usually barely functioning photo utility, games, or NSFW apps. A dummy app is an application that is used to bundle the malware with.
- A dummy app automatically installs its core malware APK which later carries out malicious patching and app updates. The core malware is usually disguised as Google Updater.
- The core malware extracts the data about the device's apps. If it finds apps on its prey list (prey list is a list of apps whose replacement is possible to carry out by the malware ), it will extract the base APK of the target innocent app on the device, patch the APK with malicious ads modules, install the APK back and
replace the original one as if it is an update.
Preventive measures
Avoid downloading and installing an application from any third-party app stores and sites that provide cracked applications
Always check the permission that the installed application demands. You should have a rough idea about what type of application can demand what type of permissions (For example, an ebook reader application should not demand to access contacts or camera. If it does so immediately delete that particular application)
Avoid installing the applications which are recommended by other money/point earning applications.
You may also consider keeping a good anti-malware application that can provide real-time protection but they also consume a lot of resources.
Here are some apps removed by Google from the play store
- Ludo Master - New Ludo Game 2019 For Free
- Sky Warriors: General Attack
- Color Phone Flash - Call Screen Theme
- Bio Blast - Infinity Battle Shoot virus
- Shooting Jet
- Photo Projector
- Gun Hero - Gunman Game for Free
- Cooking Witch
- Blockman Go: Free Realms & Mini Games
- Crazy Juicer - Hot Knife Hit Game & Juice Blast
- Clash of Virus
- Angry Virus
- Rabbit Temple
- Star Range
- Kiss Game: Touch Her Heart
- Girl Cloth Xray Scan Simulator
Know if your device is infected
Agent Smith fairly easy to spot. If your regularly used apps suddenly start showing an overwhelming amount of advertisements, it is a sure sign something is wrong. The ads that malware serves are difficult or impossible to exit, which is another indicator.
How to remove Agent Smith?
In most cases, you need to factory reset your smartphone to get rid of this malware.
You can also try to uninstall the dummy app if you can trace it, or you can uninstall all the apps. If you are lucky enough and the infection is not spread too much, you can get rid of it via uninstalling all the apps
You can also try installing some anti-malware applications, they can also be helpful to some extent. here are some which can help you
0 comments:
Post a Comment