Xavier Malware Infects over 800 Android Apps on Google Play Store

By Parthipan Baktavatsalam, Project Manager

Over 800 different Android apps that have been downloaded millions of times from the Google Play Store have been found to be infected with a malicious ad library that silently collects sensitive user data and can perform dangerous operations.

According to security researchers at Trend Micro, the malicious ad library comes pre-installed on a wide range of Android applications, including photo editors, wallpaper and ringtone changers, phone tracking, volume booster, RAM optimizer and music-video player apps.

How does Xavier Malware work?

The previous variant of the Xavier ad library was simple adware with the ability to install other APKs silently on targeted devices. In this latest release, the malware author has replaced those features with more sophisticated ones, including:

Evade Detection: Xavier is built to escape both static and dynamic malware analysis by checking whether it is running in a controlled environment (emulator) and by encrypting its data and communications.

Remote Code Execution: The malware has been designed to download code from a remote Command & Control (C&C) server, allowing hackers to remotely execute any malicious code on the targeted device.

Info-Stealing Module: Xavier is configured to steal device- and user-related information, which includes the user's email address, device ID, model, OS version, country, manufacturer, SIM card operator, resolution, and installed apps.

According to the researchers, the highest number of infected users are from Southeast Asian countries such as Vietnam, the Philippines, and Indonesia, with a smaller number of downloads.

How to defend from this malware

The simplest way to prevent malware like Xavier is to be aware of application behaviour, even when you download apps from the official Play Store. App reviews can expose the true nature of an app, as many users will have pointed out suspicious behaviour.

Timely updates of the operating system and its patches can also help to defend against the malware.

Quixxi Vulnerability Assessment performs malware detection, and it can be used to test apps before deployment to the Play Store to confirm that no malware is present in the signed build.
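A small pre-release triage of a built APK for the three behaviours listed above (emulator checks, remote code loading, device profiling), added here as an example; it is not Quixxi's or Trend Micro's tooling. The indicator strings and function names are assumptions chosen for illustration, not values taken from Xavier samples.

```python
import io
import zipfile

# Assumed indicator strings, grouped by the behaviours the article describes.
INDICATORS = {
    "emulator-check": [b"ro.kernel.qemu", b"goldfish", b"generic_x86", b"Genymotion"],
    "dynamic-code-loading": [b"Ldalvik/system/DexClassLoader;",
                             b"Ldalvik/system/InMemoryDexClassLoader;"],
    "device-profiling": [b"getDeviceId", b"getSimOperator", b"getInstalledPackages",
                         b"Landroid/accounts/AccountManager;"],
}

def scan_apk(apk):
    """Return {dex_name: {behaviour: [matched strings]}} for each DEX in the APK.
    `apk` is a path or file-like object; DEX string constants are matched as raw bytes."""
    findings = {}
    with zipfile.ZipFile(apk) as zf:
        for name in zf.namelist():
            if not name.endswith(".dex"):   # covers classes*.dex and DEX files under assets/
                continue
            data = zf.read(name)
            hits = {}
            for behaviour, needles in INDICATORS.items():
                matched = [n.decode() for n in needles if n in data]
                if matched:
                    hits[behaviour] = matched
            if hits:
                findings[name] = hits
    return findings

def needs_review(findings):
    """True when one DEX combines code loading with emulator checks or profiling."""
    return any("dynamic-code-loading" in h and len(h) >= 2 for h in findings.values())

def build_sample_apk(dex_payloads):
    """Constructed test data: an in-memory zip holding {name: bytes} entries."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, payload in dex_payloads.items():
            zf.writestr(name, payload)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    sample = build_sample_apk({  # constructed bytes, not real DEX files
        "classes.dex": b"dex\n035\x00 Landroid/app/Activity; onCreate",
        "classes2.dex": b"dex\n035\x00 Ldalvik/system/DexClassLoader; ro.kernel.qemu getSimOperator",
    })
    report = scan_apk(sample)
    print(report, "review needed:", needs_review(report))
```

Because Xavier encrypts its data, as noted above, a clean result from a plain string scan does not prove a bundled SDK is benign; treat hits as a prompt to inspect that library, not as a verdict.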

Quixxi also offers a Security Wrapper which is a multilayered binary protection engine. It uses military grade cryptography standards and security algorithms to prevent reverse engineering, malware and tampering.
