Android recently hit 2 billion active users worldwide. That makes it the most used operating system in the globally, hackers have taken note and are launching new attacks every now and then.
The latest one was discovered by a Trend Micro, a security research company, it goes by the name Xavier. It belongs to the AdDown family that was discovered back in 2015. At the time, such malware could be easily detected by scanners but over the years they have advanced. The new version of Xavier has made its way into Google Playstore. It has already infected over 800 free apps, some of which have been downloaded millions of times. Most of these apps include photo editors, wallpaper apps, ringtone apps, volume boosters, and RAM optimizers. These free apps depend on adverts as their source of revenue which happens to be the core aspect of the malware.
Xavier is not detectable by anti-virus scanners making it more dangerous and almost unstoppable. In addition, it has the ability to install apps in your phone and other executable codes. Moreover, the malware steals sensitive information from your installed apps such as emails, phone model number, sim card details and much more. This information, when in the wrong hands, can be used for identify theft, ransom or even unauthorized access into your personal accounts.
At the moment, the most affected users are in Vietnam, Philippines and Indonesia; some European countries are not so lucky either as well as USA.
What users can do.
Most of the times, after a new malware is discovered, users are advised to use the Google Playstore as their only source of applications, but in this case, the store is compromised. The only way left to avoid malware is to only download apps from reputable developers (on the Google Playstore) , at least until the Xavier infected apps are removed from the store. Google is already working to clean up the malware, some apps have already been removed, but the complete exercise might take some time.