The Israeli cybersecurity company Check Point has named Agent Smith – the name of the villain of the ‘Matrix‘ trilogy – a new camouflaged virus as if it were a Google-related application that has infected at least 25 million mobile devices.
This malicious program takes advantage of the weaknesses of the Android operating system to replace applications already installed without users realizing the purpose of displaying fraudulent advertising to obtain economic benefits.
However, the portal noticiasrt.com indicates that this ‘malware‘ could be used to perform more intrusive tasks, such as the theft of banking information. In fact, its ability to hide its icon and supplant any of the popular applications offers “endless possibilities” to hurt.
More than 50% of victims were in India, where this epidemic has affected around 15 million devices. Other countries with significant infections have been the United States, where more than 300,000 cases have been registered, and the United Kingdom, with 137,000.
Agent Smith spread through the 9Apps application store, owned by the Chinese company Alibaba and mainly focused on India, Indonesia and countries where Arabic predominates, although it penetrated successfully in countries like Saudi Arabia, USA. and the United Kingdom.
The Check Point team also found 11 infected applications on Google Play that had not yet activated that virus and were dropped almost immediately.
When a user downloads an application of photos, games or applications for adults, Agent Smith is installed as a camouflaged Google update tool. Then, it replaces applications such as the WhatsApp messaging service or the Opera browser that, when opened, display advertisements in an unexpected way.
Thus, the developers of the virus profit from each click on those ads, which do not represent a direct risk to the user.
How to identify an infected device?
When a person receives advertisements after opening WhatsApp or any other application on their device it is most likely that they are infected with a virus, explained the head of cyber-analysis and response of Check Point, Aviran Hazum, to Forbes magazine.
If that is the case, you need to enter the Android settings, open the list of information about the applications, search for suspicious names like “Google Updater, Google Update for U or com.google.vending” and uninstall those ‘apps’.
Experts in the field also recommend that Android users avoid downloading content from unofficial application stores, as this is the most common way in which computer viruses and malicious applications are spread.