Who produced the Agent Smith malware virus

Virus on 25 million devices: WhatsApp and Co. infected by fraudulent software

The Agent Smith virus is currently unsettling millions of users worldwide. It sneaks in via app downloads on the smartphone and, on the one hand, accesses data, but also changes the code in other popular apps, especially WhatsApp, and plays more advertisements to users. So far, 25 million devices have been affected, mainly in India, Pakistan and Bangladesh. The IT security software Check Point warns above all about third party app stores. However, the risk is limited.

Virus infects various apps

The IT security company Check Point discovered the malware, which was distributed in particular via third-party app stores such as 9Apps. So far, users from India, but also Bangladesh, Pakistan, Australia, the USA and Great Britain have been particularly affected. Called Agent Smith, the virus hides in infiltrated apps such as free games, "adult" apps or useful everyday apps. If such an app is on the device, popular apps such as WhatsApp or MXplayer are searched for there. The malware is installed on the device as an APK (Android Package). As a result, the APK of the searched apps is enriched with fraudulent elements, so that their code is infected. However, the effect of this attack is not the worst case for the user. Because Agent Smith displays additional advertising in the infected apps, usually without context. In this way, the virus scam is said to be of financial benefit as well.

There is still no great danger, but the potential is there

Playing the ads alone does not pose a particularly great danger for the user. However, with a little modification, this malware could become much more dangerous, as Heise reports. That would be the case if the devices and installed apps were still susceptible to the exploits and these were aimed at tapping user data or accessing credit card information, etc.

For users in Germany, the risk is so far low and infections are not known in this country to date. According to Check Point, the malware primarily targeted users who speak Hindi, Indonesian, Russian and Arabic. The malicious applications that brought the virus to the devices had also found their way into the Google Play Store, although the security precautions, unlike many third-party app stores, were designed to detect and exclude such malware. As a result, eleven apps were removed from the store.

The detailed investigation by Check Point reveals all the details of the fraudulent use and explains that the conception of Agent Smith began in 2016. The company calls for greater control by app developers, device manufacturers, system developers, but also users. Users should only download reputable apps from official app stores.

If you suspect the malware is on your device, you can simply uninstall the most recently installed apps. In addition, apps targeted by the virus, such as WhatsApp, should be reinstalled. For their own safety, users should always provide the apps with the updates provided and subject them to a control. If an unusual number of questionable ads show up in apps, it could indicate fraud. With this system around Agent Smith, the developers of the same should have financially enriched themselves.