Android users should be on the lookout for a new kind of mobile malware that has been found infecting Android devices. Unbeknownst to its users, this malware has quietly infected around 25 million devices, sneakily replacing installed apps with malicious versions and displaying fraudulent ads on the device.
The malware was dubbed by researchers as “Agent Smith” because of its just-in-time (JIT) approach. They also pointed out that Agent Smith has three (3) main phases:
- A dropper app (mainly gaming, tools, beauty filter or adult content apps) lures victims to install itself voluntarily
- The app automatically decrypts and installs its core malware disguised as a Google Updater, Google Update for U, or “com.google.vending”
- The malware extracts the device’s installed apps and replaces the original app, making the victim believe it was merely an update.
In addition, Trend Micro found that malicious versions of these installed apps occupy more OS space and threaten to infect the device further. Google has already removed the remaining apps on its Play Store after receiving reports from various researchers.
Despite the removal, users are still advised to check their devices and uninstall apps that look suspicious. It is important to always monitor what you download and install to your devices to avoid potential threats. One way to keep on top of this is by utilising mobile security software such as Trend Micro Mobile Security for mobile phones and tablets. Trend Micro Mobile Security prevents data theft, viruses and online threats such as Agent Smith, to ensure you are protected no matter where you go.
Learn more about Trend Micro Mobile Security for optimum security for your smartphones and tablets here.