Alert Android Users: New dangerous Malware found in 14 apps, delete them immediately-Check Here list

Advertisements

A recent discovery by McAfee researchers has revealed a new Android backdoor malware named ‘Xamalicious,’ infecting approximately 338,300 devices through malicious apps on the Google Play Store. The malware was found in 14 affected apps, three of which had amassed 100,000 installs each before being removed from the Google Play Store. While they won’t be visible in the Play Store, those who have accidentally installed them on phones should delete them immediately.

The affected apps have been taken down from the app store, and users who installed them since mid-2020 may still have active Xamalicious affections on their devices. Hence, users are advised to manually clean up their devices. People can check if there are unwanted apps or any sort of setting or anything that looks suspicious to you should get removed from your smartphone.



In addition to the apps on Google Play, a separate group of 12 malicious apps having the Xamalicious threat is circulating on unauthorized third-party app stores, affecting users through APK file downloads, ANI reported.

Xamalicious, an Android backdoor, is distinctive for being based on the.NET framework and integrated into apps developed using the open-source Xamarin framework. This feature presents a heightened challenge for cybersecurity experts conducting code analysis. Upon installation, Xamalicious seeks access to the Accessibility Service, enabling it to perform privileged operations such as executing navigation gestures, concealing on-screen elements, and obtaining additional permissions.

Following installation, the malware initiates communication with a Command and Control (C2) server to retrieve the second-stage DLL payload (‘cache.bin’). This retrieval is contingent on meeting specific criteria, including geographical location, network conditions, device configuration, and root status.

Android users are strongly advised to check their devices for any signs of Xamalicious infections, even if they have uninstalled the implicated apps. It is better to use a good antivirus software for manual clean-up and regular device scanning is recommended to ensure protection against such malware threats.

Understanding the Xamalicious Threat
Xamalicious operates like a secret “key” for attackers, offering them remote access to your phone. Once installed, it can potentially:

  • Steal your sensitive data: Contacts, messages, call logs, financial information, passwords, and more are all vulnerable.
  • Hijack your device: Imagine your phone making calls or sending texts without your knowledge – Xamalicious can do just that.
  • Track your every move: Your browsing history, app usage, and even location data can be monitored, revealing your entire digital footprint.
  • Spread like wildfire: The malware can potentially infect other devices connected to your phone, putting your network at risk.

Were You Affected?

Advertisements


List of 14 Apps widely installed Xamalicious-affected Android apps are as follows:

1)Essential Horoscope for Android (100,000 installs)
2)3D Skin Editor for PE Minecraft (100,000 installs)
3)Logo Maker Pro (100,000 installs)
4)Auto Click Repeater (10,000 installs)
5)Count Easy Calorie Calculator (10,000 installs)
6)Dots: One Line Connector (10,000 installs)
7)Sound Volume Extender (5,000 installs)

8)Letterlink(1000 Downloads)

9)Numerology:Personal Horoscope & Number Predictions(1000 Downloads)

Advertisements

10)Universal Calculator:(1000 Downloads)

11)Sound Volume Booster: (100 Downloads)

12)Track Your Sleep:(500 Downloads)

13)Step Keeper:Easy Pedometer(500 Downloads)

Advertisements

14)Astrological Navigator:Daily Horoscope & Tarot (100 Downloads)

However, beware – this list is not exhaustive. Even if you haven’t noticed any suspicious activity, taking precautions is essential.

Protecting Yourself from Xamalicious

  • If you suspect Xamalicious might be lurking on your phone, act promptly:
  • Uninstall any of the listed apps immediately. Don’t wait for symptoms; better safe than sorry.
  • Run a thorough security scan using a reputable antivirus or anti-malware app. Be proactive in hunting down the threat.
  • Change your passwords for all potentially breached accounts, including bank accounts, email, social media, and any other sensitive platforms.
  • Report the app to Google Play Store by flagging it as “Suspicious activity.” Help protect others from falling victim.
  • Stay Safe, Stay Informed
    Cybersecurity threats constantly evolve, so we recommend taking these additional steps:
  • Download apps only from trusted sources: Stick to the official Google Play Store and avoid third-party app stores or shady websites.
  • Verify app reviews and ratings: Before installing any app, check what other users are saying. Legitimate apps usually have positive reviews.
  • Scrutinise app permissions: Don’t grant unnecessary access, especially to sensitive data like contacts or financial information.
  • Keep your device and apps updated: Regularly update your Android OS and app versions to benefit from the latest security patches.
  • Enable two-factor authentication: Add an extra layer of security to your sensitive accounts wherever possible.

Recent Post

Centre Suspends Law On ‘Hit-And-Run’ Punishment Amid Protests

Government Postpones New Law on Hit-and-Run Cases After Transporters'...

Fresh Weather Update: Kashmir to Witness More Snowfall from 27th Feb

Fresh Weather Update: More Snowfall in Kashmir from 27th...

MET Predicts More Snow in Kashmir-Check Fresh Weather Forecast 29th Feb

MET Predicts More Snow in Kashmir-Check Fresh Weather Forecast 𝙒𝙚𝙖𝙩𝙝𝙚𝙧...

Forest Guard suspended for wearing pheran in Kashmir

  Meer Javaid The suspension letter issued by the Divisional Forest...

Massive Recruitment in J&K Police,4022 Posts Out

Massive Recruitment in J&K Police,4022 Posts Out Massive Recruitment Drive...

Shocker: Now Man Killed by Cousin Brother In North Kashmir

Aadil Abdullah A 38-year-old man was killed in Hajjin area...

Heavy Snowfall Started-Fresh Snowfall Predictions for Next 48 Hours

𝙒𝙚𝙖𝙩𝙝𝙚𝙧 𝙐𝙥𝙙𝙖𝙩𝙚 𝙅&𝙆:19.02.24 𝙁𝙤𝙧𝙚𝙘𝙖𝙨𝙩 ●Kashmir Division ●19-20th Feb:Possibility of light to moderate...

Sunny Leone’s photo on Police Exam Admit card, post goes viral

Sunny Leone's photo on UP Police exam admit card,...

Subject change, Re-admission: JKBOSE Issues Big Update-New Rules For 10th-12th Classes

Subject change, Re-admission: JKBOSE Issues Big Update-New Rules For...