Beware! Over 800 Android Apps On Google Play Shop Incorporate 'Xavier' Malware

Over 800 dissimilar Android apps that convey been downloaded millions of times from Google Play Store industrial plant life to last infected alongside malicious promotion library that silently collects sensitive user information in addition to tin perform unsafe operations.

Dubbed "Xavier," the malicious promotion library, initially emerged inwards September 2016, is a fellow member of AdDown malware family, potentially posing a severe threat to millions of Android users.


Since xc per centum of Android apps are gratis for anyone to download, advertising on them is a telephone commutation revenue source for their developers. For this, they integrate Android SDK Ads Library inwards their apps, which ordinarily doesn't impact an app's nitty-gritty functionality.

According to safety researchers at Trend Micro, the malicious promotion library comes pre-installed on a broad gain of Android applications, including photograph editors, wallpapers in addition to ringtone changers, Phone tracking, Volume Booster, Ram Optimizer in addition to music-video player.

Features of Xavier Info-Stealing Malware

The previous variant of Xavier Ad library was a unproblematic adware alongside an might to install other APKs silently on the targeted devices, but inwards the latest release, the malware writer has replaced those features alongside to a greater extent than sophisticated ones, including:

• Evade Detection: Xavier is smart plenty to escape from existence analyzed, from both static in addition to dynamic malware analysis, past times checking if it is existence running inwards a controlled environs (Emulator), in addition to using information in addition to communication encryptions.
• Remote Code Execution: The malware has been designed to download codes from a remote Command & Control (C&C) server, allowing hackers to remotely execute whatever malicious code on the targeted device.
• Info-Stealing Module: Xavier is configured to pocket devices in addition to user related information, which includes user’ e-mail address, Device id, model, OS version, country, manufacturer, sim carte du jour operator, resolution, in addition to Installed apps.

According to the researchers, the highest let on of infected users are from Southeast countries inwards Asia such every bit Vietnam, Philippines, in addition to Indonesia, alongside a fewer let on of downloads are from the U.S. of A. in addition to Europe.

Here is a list of 75 infected Android apps that Google has already removed from its Play Store, in addition to if yous convey installed whatever of these apps on your device, yous are advised to take it immediately.

Android malware continues to evolve alongside to a greater extent than sophisticated in addition to never-seen-before capabilities alongside every passing day. Just concluding week, nosotros saw commencement Android malware alongside code injecting capabilities making rounds on Google Play Store.

How to Protect Yourself

The easiest agency to foreclose yourself from existence targeted past times a clever malware similar Xavier, e'er beware of fishy applications, fifty-fifty when downloading them from official Play Store in addition to endeavour to stick to the trusted brands only.

Moreover, e'er await at the reviews below left past times other users who convey downloaded the app in addition to verify app permissions earlier installing whatever app in addition to grant those permissions that convey are relevant for the app's purpose.

Last but non the least, yous are strongly advised to e'er maintain a skillful antivirus application on your device that tin abide by in addition to block such malware earlier they tin infect your device, in addition to maintain your device in addition to apps up-to-date.

Share This :