Atom

After Judy, a new malware ‘Xavier’ infects 800 apps in Google Play Store

Written by : IANS

Global cybersecurity firm Trend Micro on Friday announced it has detected more than 800 applications in Google Play Store embedded with a trojan Android malware "Xavier" that have been downloaded millions of times till date.

"Xavier" steals and leaks a user's information silently.

"These applications range from utility apps such as photo manipulators to wallpaper and ringtone changers. We also provide multi-layered mobile security solutions to protect users from this threat," Trend Micro said in a statement.

Based on data from its "Mobile App Reputation Service", the team found that Xavier's stealing and leaking capabilities are difficult to detect because of a self-protect mechanism through the use of methods such as string encryption, internet data encryption and emulator detection.

It also has the capability to download and execute other malicious codes from a remote server, which might be an even more dangerous aspect of the malware.

"The easiest way to avoid a cunning malware like 'Xavier' is to not download and install applications from an unknown source even if they are from legitimate app stores like Google Play Store," said Nilesh Jain, Country Manager (India and Saarc), Trend Micro.

This comes after a malware called ‘Judy’ hit over 36.5 million Android-based phones, making its way through Google Play Store.

According to cyber security firm Check Point, dozens of malicious apps have been downloaded between 4.5 million to 18.5 million times. Some of the malware-affected apps have been discovered residing on Google Play for several years.

"Judy" is one such case of how an open and free mobile operating system (OS) can be exploited by malicious app developers. 

The malicious apps primarily included a series of casual cooking and fashion games under the "Judy" brand, a name borrowed for the malware itself.

"Judy" is an auto-clicking adware which was found on 41 apps developed by a Korean company that uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it.

Also Read

Being KC Venugopal: Rahul Gandhi's trusted lieutenant

Former PM Deve Gowda’s son Revanna and grandson Prajwal booked for sexual harassment

KTR alleges that Union govt may make Hyderabad a Union territory

BJP warned about Prajwal Revanna videos months ago, still gave him Hassan ticket

A day after LS polls, Kerala Governor signs five pending Bills