All About 'Agent Smith' Malware Which Affected Crores Of Indian WhatsApp Users

Beware, if you see any ad popping out while opening WhatsApp.

All About

Researchers have detected a new malware called 'Agent Smith' which is one of the worst attacks in the history of the Android Operating System. The malware has infected as many as 2.5-crore Android phones across the world which includes around 1.5-crore Indian users.

What is Agent Smith?

The malware has been named Agent Smith because it attacks a device without letting the user know; just like the fictional character and the primary antagonist in 'The Matrix' franchise. It replaces installed apps like WhatsApp, Instagram, Flipkart, Hotstar, etc., with their infected clone versions which promote malicious advertisements. This time the target has been the top messaging app, WhatsApp which was replaced by its evil version. Surprisingly, the malware is targetted mostly at Hindi, Arabic, Indonesian and Russian speaking users.

How does it infect?


Agent Smith uses its broad access to the devices' resources to show fraudulent ads and whoever is behind the hack can gain money through the ads. It usually gets infected by downloading barely functioning photo utility games, or sex-related apps from third-party app stores. The malware comes with the name of a Google-related app and later, starts the process of replacing legit apps. The researcher further added,

"Due to its ability to hide its icon from the launcher and impersonates any popular existing apps on a device, there are endless possibilities for this sort of malware to harm a user’s device."

The malware sometimes can also go beyond just posting deceitful ads and be used for intrusive purposes like eavesdropping and theft of banking details. It has mainly spread in countries like India, Bangladesh and Pakistan because of the third-party app store called 9Apps, which is popular in that region. Reportedly, the malware is run by a Chinese company located in Guangzhou which claims to have a front-end business of publishing and promoting Chinese apps internationally. A legal investigation has been going on against the company.

Source: threatpost

Apart from majorly infecting India, the malware has also spread in the US, affecting around 3,00,000 Android users.

In recent months, researchers also uncovered 11 infected apps like Instagram, Flipkart, Hotstar, etc., on Google Play Store that contained malicious yet dormant components used in Agent Smith. Today, this malware is running harmful and malicious ads, but tomorrow, it might also hack and misuse users' personal information.

How to save your phone from Agent Smith?

Although Google has pulled down malicious apps from its app store, there are chances that your phone might be a victim of this malware. So, here are a few security steps to protect your phone from Agent Smith.

1. Do not download any free apps from a third-party store. Always rely on the Google app store.

2. If you suspect that your phone is infected with Agent Smith, the first thing you need to do is delete the data of all the popular apps. Then go on to delete or reset the apps. 

3. If you download any app, carefully check the permission it is asking for. For instance, a photo editing app should not ask for network permission.

  • Express yourself