'Agent Smith' malware that secretly replaces WhatsApp spreads to 25 million phones

The infection has hit devices throughout the world, including the UK, US and Australia

The 'Agent Smith' malware has already infected more than 25 million devices
The 'Agent Smith' malware has already infected more than 25 million devices

A new type of mobile malware that secretly replaces popular apps like WhatsApp on people’s phones has already infected more than 25 million devices, security researchers have revealed.

Dubbed ‘Agent Smith’, the malware exploits vulnerabilities within the Android operating system to automatically replace installed apps with a malicious version without the user realising.

The new version then displays fraudulent ads for financial gain, though it could be used for more dangerous purposes such as stealing bank details or spying on someone through their camera or microphone.

Researchers at the cyber security firm Check Point discovered the Agent Smith malware, which was named after the shadowy character from The Matrix film series.

“The malware attacks user-installed applications silently, making it challenging for common Android users to combat such threats on their own,” said Jonathan Shimonovich, head of mobile threat detection research at Check Point.

Agent Smith has claimed majority of its victims in India, with around two-thirds of all infected devices located in the south Asian country, though the malware has also claimed a “noticeable number” of victims in the UK, US and Australia.

Around 137,000 devices in the UK have been infected with the malware, with a further 300,000 infections in the US.

A world infection heat map shows the spread of the 25 million affected devices

A blog post detailing how the malware operates explained how there were “endless possibilities” for hackers to harm a user’s digital security through Agent Smith.

Working together with Google, the researchers said that all malicious apps containing the malware have been removed from Android’s Play Store.

“Combining advanced threat prevention and threat intelligence while adopting a ‘hygiene first’ approach to safeguard digital assets is the best protection against invasive mobile malware attacks like ‘Agent Smith’,” said Mr Shimonovich.

“In addition, users should only be downloading apps from trusted app stores to mitigate the risk of infection as third party app stores often lack the security measures required to block adware loaded apps.”

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Please enter a valid email
Please enter a valid email
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Must be at least 6 characters, include an upper and lower case character and a number
Please enter your first name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
Please enter your last name
Special characters aren’t allowed
Please enter a name between 1 and 40 characters
You must be over 18 years old to register
You must be over 18 years old to register
Opt-out-policy
You can opt-out at any time by signing in to your account to manage your preferences. Each email has a link to unsubscribe.

By clicking ‘Create my account’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Register for free to continue reading

Registration is a free and easy way to support our truly independent journalism

By registering, you will also enjoy limited access to Premium articles, exclusive newsletters, commenting, and virtual events with our leading journalists

Already have an account? sign in

By clicking ‘Register’ you confirm that your data has been entered correctly and you have read and agree to our Terms of use, Cookie policy and Privacy notice.

This site is protected by reCAPTCHA and the Google Privacy policy and Terms of service apply.

Join our new commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in