Originally published here on 17July 2019

What’s happened?

Australian Android users are warned not to download mobile apps from third party app stores following reports of malware known as ‘Agent Smith’ infecting 25 million Android devices globally.

Definition from Cyberkite: Android is the operating system of a lot of popular brands like Samsung, HTC, Oppo, Huawei, Google Pixel, etc.

How it works?

Android devices are infected when the user installs an app, often a game app from a third party site (meaning an app not from the Google Play Store), which contains this malicious software (malware).

• The ‘Agent Smith’ malware then searches an infected device for other apps it can feed on, replacing them with malicious, cloned versions without the user’s knowledge.

• ‘Agent Smith’ is capable of replicating mobile apps like WhatsApp, web browser Opera and virtual keyboard SwiftKey.

Through the replicated apps, ‘Agent Smith’ displays fake advertisements that are used by cybercriminals to steal your money or personal information. By impersonating existing apps on a user’s device – and leveraging the permissions a user has granted to the real apps – cybercriminals could also hijack sensitive information like your banking password or other online logins.

How do I stay safe?

1. If you think you may have downloaded an app containing ‘Agent Smith’, Android users can go to Settings, then click on Apps or Application Manager, scroll to the suspected app and uninstall it.

2. If it can’t be found then remove all recently installed apps.

3. Note from Cyberkite: Also before installing any apps via the Play Store - always read the reviews for any comments that the app is fake. If still unsure, google the name of the app and go to the genuine company page that talks about the app and follow the relevant link there.

4. Note from Cyberkite: Do not allow installation of apps from third party sources - you're not protected by Google's protection mechanisms on the Play Store. Some people figure out how to turn off the protection to allow installation of apps not available on the google Play Store - for example they install the Game Fortnite or Install a Pornography app or something that would not be available on the Google Play Store. Our advice - if you are not a hacker or programmer or developer - then stick to installing Android apps from the Google Play Store only 👌

5. Note from Cyberkite: If you need a through Cybersecurity Check - book Cyberkite for a session onsite (in Melbourne, Australia) or remotely (Worldwide) - Booking Centre: cyberkite.com.au/booksession (sign up and login required for your safety)

Further advice to stay safe when dealing with apps:

• Never download apps from third party sites or from links in emails, social media, text messages or websites.

• Use legitimate app stores such as Google Play for Android (for Android phones) or Apple’s App Store (for ipads and iphones)

• Don’t click on app adverts as they may contain malicious software – and consider installing a reputable ad blocker from a legitimate app store that will stop you seeing most ads.

• Keep your devices and apps updated with the latest software whenever updates are available – and set updates to install automatically wherever possible.

• More information Learn more about safely downloading online apps.

• Read more about malicious advertising.

Copyright: © 2019 Australian Government.

All rights reserved.

With a few notes from Cyberkite.