New Android backdoor, Xamalicious, discovered in 14 malicious apps on Google Play Store
Android users are once again facing a significant threat from malware with the discovery of a new backdoor called Xamalicious. Cybersecurity firm McAfee found this malicious backdoor hiding in 14 apps on the Google Play Store, which have since been removed. Xamalicious is a .NET-based backdoor that can be embedded in any app developed using the Xamarin framework. This malware strain has been distributed on the Play Store since mid-2020, potentially infecting hundreds of thousands of devices without the users’ knowledge.
Malware Alert: Over 300,000 Android smartphones infected by new Xamalicious backdoor
According to reports, the Xamalicious backdoor has managed to infect over 300,000 Android smartphones. This marks a significant threat to user privacy and device security. The malware was initially discovered in 14 malicious apps on the Google Play Store, which have now been removed. However, cybercriminals are spreading the Xamalicious malware through 12 additional malicious apps found on unofficial third-party app stores. These apps need to be sideloaded onto smartphones using APK files. It is crucial for Android users to be vigilant and take immediate action to protect their devices from this growing threat.
How to remove malicious apps containing Xamalicious malware from your Android device
To safeguard your Android device from the Xamalicious malware, it is crucial to remove any malicious apps. Although these apps have been removed from the Google Play Store, manual removal is still required for already installed apps. Users must check their devices for the following popular apps that were found to contain the Xamalicious backdoor: “Essential Horoscope for Android,” “3D Skin Editor for PE Minecraft,” “Logo Maker Pro,” “Auto Click Repeater,” “Count Easy Calorie Calculator,” “Dots: One Line Connector,” and “Sound Volume Extender.” Users should navigate to Settings, then Apps, and review the list of All Apps to ensure the absence of any of these malicious apps.
Xamalicious backdoor: The dangerous capabilities of this new Android malware strain
The Xamalicious backdoor leverages the Accessibility Service, gaining access to various privileges on an infected Android device. Once granted permission, Xamalicious gains control over navigation gestures, hides on-screen elements, and even grants itself additional permissions. The malware establishes communication with a command and control server to download a second-stage payload, enabling it to collect and transmit sensitive user data such as device information and geographic location. Additionally, researchers have found connections between Xamalicious and an ad-fraud app called “Cash Magnet,” suggesting a potential link between these malicious campaigns.
Stay safe from malicious Android apps: Tips to protect your device from Xamalicious
To protect your Android device from malicious apps like Xamalicious, it is critical to exercise caution when downloading and installing new apps. Carefully review an app’s rating and reviews in the official app store. However, since fake reviews are becoming common, external reviews and video demonstrations can provide additional insights into the app’s authenticity. Furthermore, avoiding the sideloading of apps from unofficial third-party stores reduces the risk of malware infection. Stick to trusted and official app stores like the Google Play Store and Samsung Galaxy Store. Installing a reliable Android antivirus app or using Google Play Protect, which comes pre-installed on most Android devices, adds an extra layer of protection by scanning apps for malware. By following these precautions, users can mitigate the risk of falling victim to malicious Android apps such as Xamalicious.
Analyst comment
Positive: The discovery of the Xamalicious backdoor and its removal from the Google Play Store is a positive development for Android users.
Short analysis: The market will be more cautious about downloading apps from unofficial third-party stores and will rely on trusted app stores like the Google Play Store for downloading apps. Users will also invest in reliable Android antivirus apps to protect their devices from malware like Xamalicious.
