Another trojan-based malicious code Xavier has been discovered in more than 800 apps on Google Play Store. Security firm TrendLabs detected the Trojan ad library and observed that the affected apps have been downloaded millions of times from Google Play Store itself.
Xavier Malware Found In Over 800 Android Apps On Google Play Store
The tech giant Google’s mobile platform, of course, Android is the most widely used operating system worldwide, and perhaps for that reason the most exploited in computing security.
Google have a process to scan apps before it publishes in Google Play store. However, Google’s system can be fooled indirectly or directly. Previously we have seen Judy Malware infecting devices to generate large volumes of fraudulent clicks on ads, converting into revenue for their creators.
Now, another trojan-based malicious code Xavier has been discovered in more than 800 apps on Google Play Store. Security firm TrendLabs detected the Trojan ad library and observed that the affected apps have been downloaded millions of times from Google Play Store itself.
Xavier malware has been found pre-installed on some wide range of applications which are free. Apps like Photo Editors, Wallpapers mostly contains Xavier malware and has been downloaded millions of times.
Let me describe what Xavier actually is, it’s an ad library, which is an element integrated into apps to enable advertising which generates revenue to their developers. You can also name it an adware. According to the reports from TrendMicro, Xavier has existed for over two years as the first version named joymobile appeared to be published on early 2015.
Xavier over the time became more powerful and now poses as more sophisticated kind of malicious software. Security experts stated that Xavier is now capable of avoiding detection, remote code execution and stealing user information. That simply means that this malware is smart enough to dodge security programs like antivirus, or anti-adware.
Researchers also claimed that this malware is being designed to download remotely executable codes from a server, and it is configured to calmly collect user data which includes, email address, device id, OS version, countries, SIM operators etc.
Vietnam, Phillippines, Indonesia are the Southeast Asian countries which recorded the highest number of download attempts. Few users in US and Europe also found downloading the affected apps.
So, the best thing that will protect your smartphones is to download apps from Trusted Developers only. Make sure to go through reviews and ratings before giving it some space. So, what do you think about this? Share your views in the comment box below.