of best android smartphones is under attack again, this time with a previously unknown backdoor used to infect over 300,000 smartphones.
According to reports peepee computerXamalicious is a new Android backdoor found hiding in 14 malicious apps. Google Play Store by cybersecurity company McAfee.
The good news is that the malicious app in question has since been removed from Google’s official Android app store. However, the cybercriminal behind this campaign also uses another set of his 12 malicious apps located in unofficial third-party app stores to spread the Xamalicious malware. These apps are sideloaded However, it will not be installed on your smartphone as it is installed via an APK file.
Here’s everything you need to know about this new Android malware, as well as all the tips and tricks to stay safe from malicious apps.
Delete these apps now
As mentioned earlier, all the apps listed below have been removed from the Google Play Store. However, if you have any of these installed on your Android smartphone or tablet, you will need to remove them manually. The most popular malicious apps containing Xamalicious malware are:
- Essential horoscope for Android – 100,000 installs
- 3D Skin Editor for PE Minecraft – 100,000 installs
- logo maker pro – 100,000 installs
- autoclick repeater – 10,000 installs
- Count easy calorie calculator – 10,000 installs
- Dot: Single wire connector – 10,000 installs
- volume extender – 5,000 installs
Although some of these malicious apps are new, McAfee notes: blog post Those variants have been distributed on the Play Store since mid-2020. This means you may have accidentally installed one of these on your Android device years ago without realizing it. Therefore, for your safety,[è¨å®š],[アプリ]to see a list of all apps.I recommend doing this from time to time Limit the number of apps on your phone It also helps you stay safe from mobile malware.
Add a backdoor to your Android smartphone
Xamalicious is a .NET-based Android backdoor that can be embedded into any app developed using the open source Xamarin framework. This also makes it more difficult to analyze malicious code contained in these apps.
One of them is malicious app When the above software is installed on an Android smartphone, it first requests access to the operating system. accessibility services. Once the user grants this access, the malware is able to perform various privileged actions on the infected smartphone, such as navigation gestures, hiding on-screen elements, and even granting itself additional privileges. Masu.
From here, the malware begins with hacker-controlled command and control (C2) downloads the second stage payload from the server, but only if certain prerequisites are met. Xamalicious has many features, including the ability to collect device information, geolocation data, route information, and more.
McAfee said researchers at the cybersecurity firm also found a link between the malware and an ad fraud app called “Cash Magnet” that automatically clicks and installs ads. adware on the victim’s smartphone. Ad fraud not only hurts your business, but it can slow down your smartphone’s performance, consume mobile data, and drain your battery in the background without your knowledge.
How to protect yourself from malicious Android apps
The first and most important thing you can do to protect yourself from malicious apps is to be extremely careful when downloading and installing new apps. You want to take a closer look at app ratings and reviews on the Play Store, but you should also look at external reviews, as these can be fake. Video reviews showing the app in question in action are especially helpful here.
At the same time, you also want to avoid sideloading apps, no matter how fast and convenient it is to install apps using APK files. These apps from unofficial third-party app stores don’t go through the same rigorous security checks that apps from official stores do, and may contain malware. This is why you want to stick to official Android app stores like Google Play Store, Samsung Galaxy Store, and Amazon Appstore.
To keep your data and devices safe, you should use one of the following: Best Android antivirus app On your smartphone. However, if your budget is limited, Google Play Protect It also scans all new apps you download and existing apps for malware. It’s completely free and comes pre-installed on most Android smartphones.
Malicious apps may not be available any time soon, as they have proven to be highly successful for hackers and other cybercriminals. For this reason, you should carefully check and review new apps before installing them on your device.