Android Malware which Steals Financial and Personal Credentials Downloaded Millions of Times
More than 800 Android applications on Google Play have been found infected with "silent" data-leaking and data-stealing malware. This malicious adware has been in existence since 2016 and operates under the radar, which makes its activities difficult to identify.
According to the Trend Micro researchers who discovered the threat, Xavier can download and execute other malicious code, and can also steal users' financial and personal credentials. The infected app types include utilities, photo manipulators, ringtone changers, wallpaper apps, anti-virus apps and many more. The researchers said the infected applications had already been downloaded millions of times.
The Tokyo-based company said: "Xavier can download and execute other malicious code, which might be an even more dangerous feature of the malware. Stealing and leaking abilities of Xavier are difficult to identify because of a self-protected mechanism which allows it to escape both dynamic and static analysis."
The malware also uses evasion techniques such as "String encryption, emulator detection and Internet data encryption" to avoid being identified by anti-virus and security programs. Ibtimes.co.uk posted June 14th, 2017, quoting researchers as saying "Leaking and stealing capabilities of Xavier are difficult to identify because of a self-protected mechanism which allows it to avoid both dynamic and static analysis."
Besides stealing and leaking user data, this malware is capable of installing APKs on rooted devices. Xavier can connect to its command-and-control (C&C) server without encryption while remaining undetected the whole time.
Google has started removing the malicious applications from Google Play, and 75 Xavier-infected applications have already been removed from the Play Store. However, there is no guarantee that users are safe from the malware. In most cases, malware-infected applications come from third-party sites. It is therefore necessary never to download and install applications from unfamiliar sources.
Android users are also advised to use verified security software and to scan their devices regularly. Android is also one of the most targeted smartphone operating systems in the world. To stay safe from malicious applications, RiskQ recommends that users download apps only from official app stores, which are better at removing dangerous downloads than third-party stores.
» SPAMfighter News - 16-06-2017