25 mn Android smartphones hit by fake WhatsApp; are you safe? Here is how to check
About 25 million Android devices across the globe have been infected by a malware dubbed ‘Agent Smith’ - inspired by the Matrix trilogy - security researchers at Check Point Research have found.
About 25 million Android devices across the globe have been infected by a malware dubbed ‘Agent Smith’ - inspired by the Matrix trilogy - security researchers at Check Point Research have found. The researches said that the new strain of malware has impacted millions of smartphones. The malware "quietly infected around 25 million devices, while the user remains completely unaware," they said. According to a blog by Check Point Research, the malware doesn’t steal data but it seems that it is pretty nasty, as it replaces legitimate installed apps (such as WhatsApp) with malicious versions.
Researchers are blaming an unnamed company based in Guangzhou, China for the current situation. They explained that the main route is through third-party apps that you've downloaded from somewhere other than the Google Play Store. These apps can be photo apps, games or social apps, but they all share one thing in common: they were created by scammers.
"In the first phase, the attacker lures users to download a dropper application from an app store such as 9Apps," Check Point researchers explained. "These droppers are usually disguised as free games, utility applications or adult entertainment applications, yet contain an encrypted malicious payload." The app then installs the malware on your system, but disguises it as a "Google Updater" tool. It then replaces WhatsApp with an infected version of the app on your device. The new app could annoy you with ads, while generating quick cash for crooks.
How to check if you are safe?
The first sign of alarm should be if you receive ads when you open WhatsApp. The standard version of the app doesn't serve ads. If you do, then check your app list for suspicious items like Google Updater or Google Installer. If you find one, uninstall it. Follow these steps:
- Go to Settings Menu
- Click on Apps or Application Manager
- Scroll to the suspected app and uninstall it
In case you fail to find a suspicious app, then remove all recently installed apps. After that, also remove WhatsApp from you phone and reinstall it from the official Google Play Store. Make sure you take a back up of your chats before uninstalling the app. The blog added that even users who download apps from the official Google Play Store aren't safe as 11 different apps on the Google Play Store contained the rogue malware.
These apps have since been removed from the store by Google, but they may still be lurking on your device.