Security experts have identified 25 new apps that can cause confusion for Android users.
The malware, known as Xamalicious, is designed to take control of your device and install further software on your smartphone or tablet. It is also used to click on advertisements behind the scenes to generate revenue for hackers and world experts. Antivirus company McAfee I warned you.
This new malware was found within 14 applications available on the Google Play Store. Three of these apps were installed on more than 100,000 devices by the time the McAfee expert asked his Google to remove them from the digital store.
These apps are no longer available for download, but this only prevents new victims from being infected with the fake software. The thousands of people who have already downloaded these apps should manually remove them from their Android smartphones, tablets, or Chromebooks to stay safe.
McAfee data reveals that most of the installations took place in the UK, US, Brazil, Spain, and Germany.
a 11 more apps are intertwined Zamaricious was discovered Online other than the Play Store. These were only available to those who manually install software via their APK from other sources. influence The number of Android devices is much smaller.
To be able to remotely install software on Android smartphones, hackers needed to be able to control what was happening on the screen without having physical access to the device. Xamalicious was able to achieve this through accessibility features built into Android for legitimate software.
All 25 dangerous apps attempted to convince Android users to allow access to accessibility features during the installation process. If the request is approved,Hassle Apps may be hidden on screen Since it is an element wCan not can see something wrong malicious code Installation has started New app or CLI’m tired of it Advertisements to fill cybercriminals’ bank accounts.
“Avoid using apps that require accessibility services unless you really need to use them. A new app claims to be necessary without any real reasonable reason and asks you to ignore operating system warnings.” “If someone tries to convince you to activate accessibility services, that’s a red flag,” McAfee experts advise.
Google is working hard to remove malware from the Play Store so that Android users can install apps without worrying about cyberattacks. The system, called Google Play Protect, scans 125 billion apps every day across Android devices to protect you from malware and unwanted software.
When an AI-powered system detects a potentially harmful app, Google Play Protect can take certain actions such as sending a warning, preventing the app from being installed, or automatically disabling the app.
But digital criminals are getting smarter all the time, and apps are slipping through the net. A complete list of his 13 malicious apps discovered by McAfee researchers can be found in his Google Play Store below.
If you find any of these on your device, remove them now instead of waiting until Google Play Protect is enabled.
- 3D Skin Editor for PE Minecraft | 100,000 downloads
- Logo Maker Pro | 100,000 downloads
- Autoclick Repeater | 10,000 downloads
- Count easy calorie calculator | 10,000 downloads
- Volume Extender | 5,000 downloads
- Letter Link | 1,000 downloads
- Numerology: Personal horoscope and number prediction | 1,000 downloads
- Step Keeper: Easy Pedometer | 500 Downloads
- Track your sleep | 500 downloads
- Volume Booster | 100 Downloads
- Astrology Navigator: Daily Horoscope and Tarot | 100 Downloads
- Universal calculator | 100 downloads
All of the malicious apps identified by researchers were built using Xamarin, an open-source framework that allows you to build Android and iOS apps using .NET and C#.
This is what’s behind the malware’s Xamalicious name, but it may also explain why some apps (which first hit the Google Play Store in 2020) took so long to search. there is.
The researchers concluded: “Android applications written in non-Java code using frameworks like Flutter, React Native, and Xamarin provide an additional layer of obfuscation for malware authors looking to evade detection and stay under the security radar. We support our vendors and maintain our presence in the app market.”