Games E-Paper
Trending : Revanth ReddyCongressTelangana AssemblyAndhra Pradesh News Updatestelangana news updates2024 Lok Sabha elections
ADVERTISEMENT
Home > Technology > Android Malware Alert – 14 Apps, 338,300 Devices Affected, Act Now

Android Malware Alert – 14 Apps, 338,300 Devices Affected, Act Now

Kahekashan
Update: 2023-12-29 11:30 IST

A recent discovery by McAfee researchers has unveiled a novel Android backdoor malware dubbed 'Xamalicious,' infiltrating around 338,300 devices through deceptive apps on the Google Play Store. This malicious software was detected in 14 apps, with three of them accumulating 100,000 installations each before being removed from the Play Store. Despite their removal, users who inadvertently installed these apps are urged to delete them promptly.

ADVERTISEMENT

While the affected apps have been removed from the official app store, users who installed them since mid-2020 may still harbour active Xamalicious infections on their devices. Consequently, individuals are advised to manually inspect and clean up their devices, scrutinizing for any suspicious settings or unfamiliar apps.

Some of the widely installed Android apps affected by Xamalicious include:

- Essential Horoscope for Android (100,000 installs)

- 3D Skin Editor for PE Minecraft (100,000 installs)

- Logo Maker Pro (100,000 installs)

- Auto Click Repeater (10,000 installs)

- Count Easy Calorie Calculator (10,000 installs)

- Dots: One Line Connector (10,000 installs)

- Sound Volume Extender (5,000 installs)

Apart from the Google Play Store, an additional group of 12 malicious apps carrying the Xamalicious threat circulates on unauthorized third-party app stores, impacting users through APK file downloads.

Xamalicious, characterized as an Android backdoor, stands out for its reliance on the.NET framework and integration into apps developed using the open-source Xamarin framework. This unique feature poses a challenge for cybersecurity experts engaged in code analysis. Once installed, Xamalicious seeks Accessibility Service access, allowing it to execute privileged operations such as navigation gestures, hide on-screen elements, and acquire additional permissions.

Post-installation, the malware communicates with a Command and Control (C2) server to fetch the second-stage DLL payload ('cache.bin'). This retrieval is conditional on meeting specific criteria, including geographical location, network conditions, device configuration, and root status.

Android users are strongly encouraged to inspect their devices for signs of Xamalicious infections, even if they have uninstalled the implicated apps. Utilizing reputable antivirus software for manual cleanup and regular device scanning is recommended to ensure protection against such malware threats.

ADVERTISEMENT

Tags:    

Similar News

WhatsApp, Instagram, and Facebook Resume Services Following Outages
Google to Simplify Travel Planning with AI-Generated Itinerary and Recommendations
Spotify Introduces Video Learning Courses: Explore Music, Creativity, and Business
Apple Cancels MicroLED Screen Plans, Bloomberg Reports
Elon Musk Adds Job Search Feature on X: Aiming to Compete with LinkedIn
Elon Musk Celebrates First Neuralink User Controlling Computer with Brain
iPhone 16 Leaks: Expected Upgrades and Features Unveiled
Google Warns Drive Users About Rising Spam Threats: Stay Alert
Realme Narzo 70 Pro Introduces Air Gestures: A Futuristic Interaction Experience
Google I/O 2024: Date, What to Expect and Highlights
Spotify Rolls Out Music Videos: Beta Feature Available for Premium Subscribers
Amazon AI tool to let sellers create product pages from external links