Malware affecting Jio Apps, WhatsApp, Flipkart and Hotstar ‘primarily targeted’ Indian users through Alibaba’s app store
Business Insider India
- A new malware has affected 25 million smartphone users globally, most of whom are from India, according to a report by Check Point.
- The primary point of entry for the malware called ‘Agent Smith’ was through Alibaba’s 9apps.com mobile app store.
- But it was only able to latch onto devices that are still running an outdated version of Google’s operating system, Android affecting Jio’s suite of apps, Flipkart, Truecaller, Hotstar and WhatsApp.
It’s not just WhatsApp but other popular apps like Hotstar, Jio Chat, Jio Play, Flipkart and Truecaller have been affected by the malware, according to Check Point.
Instead of the original app, you might have a version that is filled with malicious ads which will litter your device.
It’s not just 9apps that’s reportedly at fault. Agent Smith uses vulnerabilities in previous versions of Android to latch onto devices. So, the malware only gets onto your phone if you haven’t updated it to the latest version of Google’s operating system.
The Israeli security company also found that while the malware was primarily focused on users in India, it has made its way onto 25 million devices — including Android phones in the US and the UK.
Undercover on your phone
Users downloading WhatsApp from 9apps, rather than the Google Play Store, have inadvertently been loading the malware onto their devices. It takes over WhatsApp and other primary apps on your device, to replace them ad-filled versions.
Agent Smith makes its way onto your phone just like any other app. It’s usually disguised a photo editing tool or an adult game in the app store which starts to penetrate the system after the app is installed.
Disguised as a legitimate Google update tool, Agent Smith then replaces original apps on your phone will malicious versions. And, there aren’t any notifications that will warn you.
The apps and the ads themselves aren’t dangerous per se, according to the researchers who made the discovery, but the malware’s true intent might extend beyond showing ads.
Due to its ability to hide it’s icon from the launcher and impersonate any popular existing app on a device, there are endless possibilities for this sort of malware to harm a user’s device.
Check Point also noted that it found indications that the hackers were working their way onto Google’s Play Store with 11 apps containing a ‘dormant’ piece of the software.
A simple remedy
If you’re one of the people who has been using 9apps and you’re afraid that Agent Smith might have made its onto your phone, there’s a simple to check to find out.
Make your way to your menus Android settings and find the Apps Menu. In the list of apps, look out for names like ‘Google Updater’, ‘Google Installer for U’, ‘Google Powers’ or ‘Google Installer’.
In case you have any of those apps on your phone, yes, you have been affected. But the solution is also simple. Simply uninstall the affected app. And, in the future, download apps only from Google’s official Play Store to stay safe.
The Indian government wants to build its own WhatsApp for official communication
Indian Army fears that foreign intelligence may be using WhatsApp to profile its officers
The Indian government wants a handle on students' social media profiles —and that has sparked an outrage