Imagine this scenario involving one of the worst agents you could ever encounter, Agent Smith. Say you download a brand-new game or app from an Android app store. Everything is going great. This new app is fantastic. It’s the bee’s knees, and you love it. Slowly your phone starts to lag. You notice more advertisements in your notifications. That new, excellent app is now overrun by ads. You’ve told people that you think your phone has a virus, but that tech support agent from your cell phone company said that it’s not possible.
It’s easy to understand why a tech support agent would say something isn’t a virus. It doesn’t happen as often as you might think. Nonetheless, your Android phone is now overrun by advertisements, and you can’t figure out why. But in reality, you have been breached by Agent Smith.
There might finally be a good reason for this. A new piece of malware targeting Android phones was discovered, spreading its way through India. It has also jumped the pond and is making its way to North America. That malware is called Agent Smith.
Agent Smith is aptly named after Agent Smith, the villain featured in the ’90s hit movie, The Matrix. In this movie, Agent Smith would absorb victims of the virtual world, called The Matrix, and become them. He invaded their ‘code’ and adapted it to be his own. This allowed Agent Smith to travel anywhere in The Matrix instantly.
Agent Smith, the malware, works similarly. Once an Android user downloads an app that Agent Smith can target, Agent Smith places itself on the device and gets to work. First, it masks itself as a known app like the Google Updater service. Then it starts infecting that targeted app. Agent Smith will slowly begin replacing portions of code within that app with its own code. After it’s done, the malware will start wreaking havoc on that phone.
Agent Smith works like every zombie virus from every zombie movie ever released. It infects its victims and takes control of their brains.
Though this virus is downright malicious, its goal isn’t to steal data. Nor does it make devices mine cryptocurrency. Instead, Agent Smith’s primary goal is to display more advertisements. The more ads the virus can show, the more money its creators will make.
Is Agent Smith preventable? Absolutely. This virus appears to exploit a known vulnerability that was patched in Android a few years back. It seems that many device manufacturers have decided not to maintain their products.
Since this malware is primarily prevalent in India, we could assume two things. First, most of the infected phones are running older versions of Android. Devices in India are far cheaper and less feature-rich than what can be found in America. It could be that, because these phones are so cheap, the manufacturers aren’t maintaining them and patching their software.
The second thing is that most phones in India don’t use the Google App Store. Most of these devices come with an app store called App9 installed. Many Indian devices run a version called AOSP, or the open-source version of Android. This Android version doesn’t come with any of the Google Apps, including the Google App Store. Using Google Apps means that devices need to be certified by Google. That certification comes with a price. Many device manufacturers that make these cheaper devices use AOSP to lower costs.
What’s the Takeaway?
As a business, you need to be aware of what your employees are doing with their devices, especially since those smartphones now hold sensitive business data. People share cool, new things they find. It’s in our nature, and that’s okay. It’s part of being human.
Imagine that your employees travel or have global business contacts. One of their associates recommends this awesome game to play on their flight home. There’s a catch. They must download it from this other app store. So, that associate helps your employees download that app store and game.
Infections can happen with the best of intentions.
Thankfully, there are two easy ways to mitigate malware infections on Android devices.
- Only purchase devices from well-known manufacturers. Android One or Pixel devices are the most secure. Both use stock Google Certified Android software and are required to receive monthly security patches regardless of the carrier that the phone is being used on. Cell phone carriers have traditionally been the most significant roadblocks that device manufacturers face when updating their phones. Pixel phones and Android One devices bypass carriers.
- Use suitable mobile device management software. There are a lot of options out there. Mobile device management apps prevent employees from downloading unauthorized apps on work-issued devices.
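The two risk factors described above, an old security patch level and apps that did not come from Google's store, can be checked on a device over adb. The following is an added example, not part of the original article: it parses the output of `adb shell pm list packages -3 -i` and `adb shell getprop ro.build.version.security_patch`. The sample output, the package names, the 90-day threshold and the "com.google." look-alike heuristic are all assumptions made for illustration.

```python
from datetime import date

TRUSTED_INSTALLERS = {"com.android.vending"}  # package name of Google's store app
MAX_PATCH_AGE_DAYS = 90                       # assumed policy threshold

# Constructed sample of `adb shell pm list packages -3 -i` (user-installed apps).
SAMPLE_PACKAGES = """\
package:com.example.notes  installer=com.android.vending
package:com.example.freegame  installer=com.example.altstore
package:com.google.example.updater  installer=null
"""
# Constructed sample of `adb shell getprop ro.build.version.security_patch`.
SAMPLE_PATCH = "2017-03-05"


def parse_packages(text):
    """Return {package: installer or None} from `pm list packages -i` output."""
    result = {}
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("package:"):
            continue
        fields = line[len("package:"):].split()
        if not fields:
            continue
        installer = None
        for field in fields[1:]:
            if field.startswith("installer="):
                value = field.split("=", 1)[1]
                installer = None if value == "null" else value
        result[fields[0]] = installer
    return result


def audit(packages_text, patch_level, today):
    """Return a list of (finding, detail) tuples for one device."""
    findings = []
    if (today - date.fromisoformat(patch_level)).days > MAX_PATCH_AGE_DAYS:
        findings.append(("stale-patch-level", patch_level))
    for name, installer in sorted(parse_packages(packages_text).items()):
        if installer not in TRUSTED_INSTALLERS:
            findings.append(("untrusted-installer", name))
            # Heuristic (assumption): a user-installed app in Google's
            # namespace that did not come from Google's store.
            if name.startswith("com.google."):
                findings.append(("google-lookalike", name))
    return findings


if __name__ == "__main__":
    for kind, detail in audit(SAMPLE_PACKAGES, SAMPLE_PATCH, date.today()):
        print(kind, detail)
```

A finding here is a prompt to look closer, not proof of infection: sideloaded business apps also report an unknown installer.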
Smartphone malware shouldn’t be feared. Viruses like Agent Smith are very easy to avoid. We only need to be diligent about the apps we download.
If your phone is lagging, Agent Smith may be attacking you. Send us a message, and we’ll send him back to The Matrix, where he belongs!