Xavier is said to steal and leak a user's information silently.

After Judy a new malware Xavier infects 800 apps in Google Play Store
Atom Cyber Attack Friday, June 23, 2017 - 12:40
Written by  IANS

Global cybersecurity firm Trend Micro on Friday announced it has detected more than 800 applications in Google Play Store embedded with a trojan Android malware "Xavier" that have been downloaded millions of times till date.

"Xavier" steals and leaks a user's information silently.

"These applications range from utility apps such as photo manipulators to wallpaper and ringtone changers. We also provide multi-layered mobile security solutions to protect users from this threat," Trend Micro said in a statement.

Based on data from its "Mobile App Reputation Service", the team found that Xavier's stealing and leaking capabilities are difficult to detect because of a self-protect mechanism through the use of methods such as string encryption, internet data encryption and emulator detection.

It also has the capability to download and execute other malicious codes from a remote server, which might be an even more dangerous aspect of the malware.

"The easiest way to avoid a cunning malware like 'Xavier' is to not download and install applications from an unknown source even if they are from legitimate app stores like Google Play Store," said Nilesh Jain, Country Manager (India and Saarc), Trend Micro.

This comes after a malware called ‘Judy’ hit over 36.5 million Android-based phones, making its way through Google Play Store.

According to cyber security firm Check Point, dozens of malicious apps have been downloaded between 4.5 million to 18.5 million times. Some of the malware-affected apps have been discovered residing on Google Play for several years.

"Judy" is one such case of how an open and free mobile operating system (OS) can be exploited by malicious app developers. 

The malicious apps primarily included a series of casual cooking and fashion games under the "Judy" brand, a name borrowed for the malware itself.

"Judy" is an auto-clicking adware which was found on 41 apps developed by a Korean company that uses infected devices to generate large amounts of fraudulent clicks on advertisements, generating revenues for the perpetrators behind it.