Around 800 different Android applications which were downloaded million times from the Google Play Store was found to be infected by a malicious ad library that collects sensitive or precious user data and can do many dangerous things.
The name of this malicious ad library was “Xavier” which was initially founded in September 2016 and it is the member of AdDown Malware family which creates a thread to million of Android users.
Almost 90% of the Android applications are free on the Google Play Store to download and Advertising or AdMob is the only thing by which the developers earn from their applications. And for this, they make an Android SDK ads library in their applications which don’t affect the app’s core functionality.
And, according to the security researchers of TrendMicro, the malicious at the library is coming pre-installed on many applications like photo editors, wallpapers, phone tracking, ringtone changer comma Volume Booster, music video player and RAM optimizer.
Features of Xavier information stealing Malware
The Xavier ad library was a simple adware which has a capability to install other APK silently on any smartphone but in the latest version and now the author replaces those feature with more complex things.
- Evade Detection: This malware is intelligent to escape from being tracked by any static or dynamic Malware analysis if it is running in a controlled environment with the help of using data and communication encryptions.
- Remote code execution: This malware is designed to download the codes from remote Control and Command service which allows hackers to remotely inject any malicious code on the smartphone.
- Info-stealing module: This can easily steal users many formations like email address, model, device ID, country, OS version, sim card operator, manufacturer, installed apps and resolution.
And according to the researchers, the maximum number of infected Android users are from South East countries of Asia like Indonesia, Philippines and Vietnam and some of the downloads from the United States of America and Europe too.
You can check the list of 75 infected Android application that Google has already removed from the directory of Play Store and you somehow installed these apps on your smartphone, we suggest you remove it as soon as possible.
Here is the question how to protect yourself?
The simplest way to protect yourself from any targeted or Malware like Xavier is beware of fishy applications even when you are downloading it from the Google Play Store and try to download the application from trusted brands only.
And when you are downloading any application from Google Play store first read the reviews below left by the other users and verify all the permissions before installing any application and grant those permissions that you want to give to the application.
Last thing that you want to know to protect yourself from these always is always keep a good anti-virus application on your smartphone that can detect and block all these kind of malware before they can affect or harm your smartphone and keep your device and all the application up to date so that it helps you to prevent yourself from these viruses.