When it comes to malware and harmful content, Play Store doesn’t have a spotless record. Quite recently, right after the world was panicking about Wannacry, a bunch of apps showed up on Play Store promising users that their phones will be safe from the attack if they install the said app. To the uninformed, Wannacry doesn’t even target phones. And that is just one instance. Similar instances of Dresscode, Judy and now Xavier malware have hounded unsuspecting users by stealing their data and infecting their devices.
More than 800 apps on Play Store have been infected by this new malware dubbed ‘Xavier’, which belongs to the AdDown malware family and is a malicious ad library. As many of you might have noticed, a large number of Android apps rely on advertisements on them to remain free and accessible. To incorporate ads, developers include ad libraries in their apps, which do not generally affect the performance of the app. This particular malicious library comes pre-installed on a lot of Android apps that are available on the Play Store.
How dangerous is it?
So, the basic version of Xavier malware could only install APKs without informing the user. But in its current version, the developer has included some additional capabilities, like stealing information, evading detection and remote code execution. It can avoid both static and dynamic malware detection mechanisms, can download code from a remote command and control centre, and even steal information like user’ email address, Device id, model, OS version, country, manufacturer, sim card operator, resolution, and Installed apps.
Check out this report for a full list of apps that have been removed by Google from the Play Store. If you have any of these, get rid of them right now.
As a piece of advice, it is always a good idea to check the reviews of a particular app before downloading it from any app store. Also, always check the permissions an app asks for, and if anything seems out of place, just decline that permission. And if you can, just stick to well-known apps that are unlikely to have such issues.
Image Credit: howtostartablogonline.net