Digit Geek
Digit Geek > Recent Articles > Technology > Yet another malware, Xavier, spreads via Play Store

Yet another malware, Xavier, spreads via Play Store

After Judy and Dresscode, now Xavier is the latest entrant into a queue of malware that has managed to reach a large number of Android phones.

When it comes to malware and harmful content, Play Store doesn’t have a spotless record. Quite recently, right after the world was panicking about Wannacry, a bunch of apps showed up on Play Store promising users that their phones will be safe from the attack if they install the said app. To the uninformed, Wannacry doesn’t even target phones. And that is just one instance. Similar instances of Dresscode, Judy and now Xavier malware have hounded unsuspecting users by stealing their data and infecting their devices.

More than 800 apps on Play Store have been infected by this new malware dubbed ‘Xavier’, which belongs to the AdDown malware family and is a malicious ad library. As many of you might have noticed, a large number of Android apps rely on advertisements on them to remain free and accessible. To incorporate ads, developers include ad libraries in their apps, which do not generally affect the performance of the app. This particular malicious library comes pre-installed on a lot of Android apps that are available on the Play Store.

How dangerous is it?

So, the basic version of Xavier malware could only install APKs without informing the user. But in its current version, the developer has included some additional capabilities, like stealing information, evading detection and remote code execution. It can avoid both static and dynamic malware detection mechanisms, can download code from a remote command and control centre, and even steal information like user’ email address, Device id, model, OS version, country, manufacturer, sim card operator, resolution, and Installed apps.

Check out this report for a full list of apps that have been removed by Google from the Play Store. If you have any of these, get rid of them right now.

As a piece of advice, it is always a good idea to check the reviews of a particular app before downloading it from any app store. Also, always check the permissions an app asks for, and if anything seems out of place, just decline that permission. And if you can, just stick to well-known apps that are unlikely to have such issues.

Image Credit: howtostartablogonline.net

Arnab Mukherjee

Arnab Mukherjee

A former tech-support desk jockey, you can find this individual delving deep into all things tech, fiction and food. Calling his sense of humour merely terrible would be a much better joke than what he usually makes.