Blog

Cyber-crime Data Breach

Agent smith global malware attack on devices

Agent Smith, a novel form of mobile malware, has globally infected almost 25 million android devices. Concealed as a Google-related app, the malicious software preys on known Android flaws and replicates installed apps with devious versions without user interaction.
The malware uses its access to the Android device resource store to make fraudulent adverts for monetary gain but also can carry out other harmful practices like eavesdropping and online banking theft. Agent Smith is like Hummingbird, Copycat, and Gooligan malware.
The Head of Mobile Threat Detection Research at CheckPoint, Jonathan Shimonovich, came out to say that Agent Smith silently targets user-installed applications, making it challenging for common smartphone users to combat such a threat on their own. The Malware came from used third-party app stores such as 9Apps. This malware’s main target is Arabic, Russian, and Indonesian-speaking nationalities.
To date, the single biggest victim is India, although other Asian countries like Bangladesh and Pakistan also register top rates of infection. In the United Kingdom, the United States, and the Isle of Australia, traces of Agent Smith are in small numbers. To curb its rapid spread, Google and Check Point have partnered to combat this malware, and 90% of the third-party apps don’t have any traces of this malware.
Combining advanced threat detection and threat intelligence together with a hygiene first approach is the best way of securing one’s digital assets against these disruptive mobile malware attacks. Also, Net users should only download apps from reputable app stores to minimize the risk of malware infections. This is because third-party app stores lack advanced preventative security measures.

What to do in case of Agent Smith presence
Agent Smith is downloaded from a broad used third-party app store known as 9Apps. The major targets were Hindi, Arabic, Russian, and Asian users, but the infection spread beyond these borders to Europe and America. But to stay safe from such attacks, avoid downloading information from third-party app stores as they lack the adequate security measures needed to block adware loaded applications.
With such a cunning infection tactic of replicating existing device apps with malicious versions, people should only download apps from trusted web stores to minimize the risk of infection. Since Agent Smith’s anonymous tactic to target user-installed apps from third-party app stores, it’s very difficult for common Android users to battle such attacks.
Having an advanced malware protection solution, like Sandblast Mobile on your device, detects and blocks such malicious versions of these apps from being run by the system thus alerting the user of suspicious acts. In the mobile threat space, the best defence against disruptive mobile malware attacks like Agent Smith is to utilize advanced threat mitigation technology.

How to uninstall Agent Smith from Your Android Device
In the event, your device is a victim of Agent Smith or other related malware, follow these steps to uninstall the malicious apps.
Go to the phone menu and then click on settings
Click on the applications or software manager tab
Scroll to your suspected malware and click on it to get the uninstall option.
If you cannot find it, delete all installed applications.