The Xavier malware found in 800 Google Play store apps can silently steal Android users' data.
(CCM) — A new and dangerous piece of Android malware has been found in over 800 apps that are available to download by unsuspecting smartphone users in the Google Play store. Xavier, as the malware has been named, was discovered by researchers at security firm Trend Micro in a range of utility apps such as photo manipulators to wallpaper and ringtone changers that have been downloaded millions of times.
Xavier steals and leaks infected smartphones' data silently. To do this, it first downloads malicious code from a remote server, installs it, and runs it. It can then upload information from an infected handset and send it to the server. It can also download more malicious code, so in the future it may display more dangerous or malevolent activity.
The malware is difficult to detect because it contains a "self-protect mechanism" that allows it to escape both static and dynamic analysis, according to Trend Micro. It achieves this using methods such as string encryption, internet data encryption, and emulator detection.
So far the majority of download attempts have come from countries in Southeast Asia, including Vietnam and Indonesia. The proportion of infected users in the U.S. and Europe is likely to be around one third of the total.
Image: © iStock.