Beware! New Malware in Android ‘The Xavier’ quietly steels phone data


New Delhi: A new Trojan malware has been discovered that is pretty nasty as over 800 Android apps on Google Play have been found infected with information-collecting malware called 'Xavier'. 
The malware is capable of downloading and executing other malicious codes, as well as stealing users' personal and financial data. According to security experts, the malware has been pre-installed on a wide range of free Android applications, such as photo manipulators, utilities, and wallpaper apps among others.

The malware has been designed to download remotely executable codes from a server, and it is configured to silently collect sensitive user data including email address, device id, model, OS version, country, manufacturer, SIM card operator, resolution, and installed apps. And it is smart enough to escape from being analysed by security programs.
Xavier is not new as it has been detected since 2015. The malware belongs to a malicious adware family called AdDown and its first version was dubbed "joymobile".
The previous variant of Xavier was a simple adware with an ability to install other APKs silently on the targeted devices. But in this latest release, the malware author has replaced those features with more sophisticated ones, including; Evade Detection, Remote Code Execution and Info-Stealing Module etc.
Therefore, the simplest way to prevent the malware like Xavier is to be aware of application behaviour, even when you download them from the official Play Store App and timely updates of operating system and its patches can also help to defend against the malware.


Add comment

Security code