McAfee researchers have recently uncovered a new Android malware called ‘Xamalicious,’ which has infected around 338,300 devices by exploiting malicious applications available on the Google Play Store. Three of the 14 applications that included the malware were taken down from the Play Store after receiving over 100,000 installations each. Although these apps are no longer visible on the platform, individuals who may have inadvertently installed them are strongly advised to promptly delete them from their phones.
New Malware Alert! Check Your Android Device for These 14 Apps
The McAfee Mobile Research Team has identified malware-infected apps on both Google Play and third-party app stores. This malware, named Xamalicious, is notable for its implementation with Xamarin, an open-source platform enabling the development of iOS and Android apps using C# and .NET.
Upon installation, the malicious application endeavors to acquire accessibility credentials through social engineering tactics. It then connects to a command-and-control server to assess whether to download a second payload. If the second payload is successfully installed, it can take full control of the device. This allows for the execution of various activities such as acting as a banking trojan or spyware, all without requiring user interaction, according to McAfee.
The apps are capable of unauthorized actions, such as installing additional apps or clicking on ads without user consent. McAfee suggests that the developers behind these are financially motivated, indicating that ad fraud could be one of the primary payloads of Xamalicious. McAfee has pinpointed 25 apps housing the threat, with 13 of them being distributed on Google Play Store, dating back to as early as 2020.
The majority of Xamalicious activity was observed in the United States, Argentina, and Brazil. Nonetheless, reports of infections were also received from Germany, Spain, and the United Kingdom.
List of the Infected Apps –
Essential Horoscope for Android – 100,000 downloads.
3D Skin Editor for PE Minecraft – 100,000 downloads.
Logo Maker Pro – 100,000 downloads.
Auto Click Repeater – 10,000 downloads.
Count Easy Calorie Calculator – 10,000 downloads.
Sound Volume Extender – 5,000 downloads.
LetterLink – 1,000 downloads.
NUMEROLOGY: PERSONAL HOROSCOPE &NUMBER PREDICTIONS – 1,000 downloads.
Step Keeper: Easy Pedometer – 500 downloads.
Track Your Sleep – 500 downloads.
Sound Volume Booster – 100 downloads.
Astrological Navigator: Daily Horoscope & Tarot – 100 downloads.
Universal Calculator – 100 downloads.
Android users are urged to thoroughly inspect their phones for potential Xamalicious infections, even if they have already uninstalled the affected apps. Employing reliable antivirus software and conducting regular device scans is advisable to enhance protection against such malware attacks.For more of the latest tech news, listicles, troubleshooting guides, and tips & tricks related to Windows, Android, iOS, and macOS, follow us on Facebook, Instagram, Twitter, YouTube, and Pinterest.