First Judy, now Xavier: malware infecting apps in Google Play Store


Nowadays, Google Play Store is flooded with infected apps, or rather they have been there for years and we have been unable to detect them. One such example is the "brand new" malware Xavier, which is in fact a two-year-old malware family that has only recently been detected.

“Xavier” steals and leaks a user’s information silently.


Global cybersecurity firm Trend Micro on Friday announced it has detected more than 800 applications in Google Play Store embedded with the Trojan Android malware "Xavier", which together have been downloaded millions of times to date.

The trojan is designed to steal and leak a user's information silently, according to a June 13 blog post. Approximately 75 of the affected apps have since removed the trojan from their code.

The majority of downloads came from countries in Southeast Asia, such as Vietnam (23.27 percent), the Philippines (19.14 percent) and Indonesia (8.23 percent), with fewer downloads from the U.S. and Europe.


Unique features of the trojan include embedded malicious behaviour that downloads code from a remote server, and the great lengths it goes to in order to avoid detection, using methods such as string encryption, Internet data encryption and emulator detection, researchers said in the post.

Xavier is difficult to detect because of a self-protection mechanism that lets it evade both static and dynamic analysis: string encryption hides its constants from static inspection, Internet data encryption hides its traffic from network monitoring, and emulator detection lets it stay dormant inside sandboxes. The trojan also has the ability to download and execute further malicious code, making it even more dangerous.

The malware family has been around for more than two years and is a member of the AdDown family. The latest version has evolved to use a reworked code structure, drops the APK installation and root-check routines, encrypts its data with TEA, and adds a mechanism to evade dynamic detection.
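The TEA mentioned above is the Tiny Encryption Algorithm, a standard 64-bit block cipher with a 128-bit key and 32 rounds. The following is an added example, not code from the original article or from Trend Micro's analysis, implementing TEA so that a practitioner can see what decrypting such strings or traffic involves once the key has been recovered from the decompiled APK. The key, the ECB block mode, the PKCS#7-style padding and the sample "leaked data" record are all hypothetical and constructed for this example; the article does not describe the malware's actual key, mode or padding.

```python
import struct

MASK32 = 0xFFFFFFFF
DELTA = 0x9E3779B9   # TEA's key-schedule constant (golden ratio)
ROUNDS = 32          # standard TEA round count


def _encrypt_block(v0, v1, k):
    """Encrypt one 64-bit block (two 32-bit words) under a 4-word key."""
    total = 0
    for _ in range(ROUNDS):
        total = (total + DELTA) & MASK32
        v0 = (v0 + ((((v1 << 4) + k[0]) & MASK32) ^ ((v1 + total) & MASK32)
                    ^ (((v1 >> 5) + k[1]) & MASK32))) & MASK32
        v1 = (v1 + ((((v0 << 4) + k[2]) & MASK32) ^ ((v0 + total) & MASK32)
                    ^ (((v0 >> 5) + k[3]) & MASK32))) & MASK32
    return v0, v1


def _decrypt_block(v0, v1, k):
    """Inverse of _encrypt_block: run the rounds backwards."""
    total = (DELTA * ROUNDS) & MASK32
    for _ in range(ROUNDS):
        v1 = (v1 - ((((v0 << 4) + k[2]) & MASK32) ^ ((v0 + total) & MASK32)
                    ^ (((v0 >> 5) + k[3]) & MASK32))) & MASK32
        v0 = (v0 - ((((v1 << 4) + k[0]) & MASK32) ^ ((v1 + total) & MASK32)
                    ^ (((v1 >> 5) + k[1]) & MASK32))) & MASK32
        total = (total - DELTA) & MASK32
    return v0, v1


def _key_words(key: bytes):
    if len(key) != 16:
        raise ValueError("TEA needs a 128-bit key")
    return struct.unpack(">4I", key)   # big-endian word order is an assumption


def tea_encrypt(data: bytes, key: bytes) -> bytes:
    """ECB-mode TEA with PKCS#7-style padding to a multiple of 8 bytes."""
    k = _key_words(key)
    pad = 8 - len(data) % 8
    data = data + bytes([pad]) * pad
    out = bytearray()
    for i in range(0, len(data), 8):
        v0, v1 = struct.unpack(">2I", data[i:i + 8])
        out += struct.pack(">2I", *_encrypt_block(v0, v1, k))
    return bytes(out)


def tea_decrypt(data: bytes, key: bytes) -> bytes:
    """Decrypt ECB-mode TEA and strip the padding, rejecting bad padding
    (which is what a wrong key usually produces)."""
    if not data or len(data) % 8:
        raise ValueError("ciphertext must be a non-empty multiple of 8 bytes")
    k = _key_words(key)
    out = bytearray()
    for i in range(0, len(data), 8):
        v0, v1 = struct.unpack(">2I", data[i:i + 8])
        out += struct.pack(">2I", *_decrypt_block(v0, v1, k))
    pad = out[-1]
    if not 1 <= pad <= 8 or out[-pad:] != bytes([pad]) * pad:
        raise ValueError("bad padding: wrong key or corrupted data")
    return bytes(out[:-pad])


# Hypothetical key, as an analyst might lift it from the decompiled APK.
EXAMPLE_KEY = bytes.fromhex("0123456789abcdeffedcba9876543210")

# Constructed sample of the kind of record an info-stealer would upload.
EXAMPLE_REPORT = b'{"imei":"000000000000000","email":"victim@example.com"}'


def roundtrip_ok() -> bool:
    """Encrypt the sample report and confirm decryption recovers it."""
    ciphertext = tea_encrypt(EXAMPLE_REPORT, EXAMPLE_KEY)
    return tea_decrypt(ciphertext, EXAMPLE_KEY) == EXAMPLE_REPORT


if __name__ == "__main__":
    print("round trip ok:", roundtrip_ok())
```

Once the key is known, the same routine serves for both of the article's "encryptions": runtime-decrypted string constants can be decoded offline to see what the code references, and captured C2 traffic can be decoded to see exactly what was leaked. The padding check matters in practice: trying candidate keys against a captured blob and keeping the one that decrypts to valid padding and readable JSON is a quick way to confirm the key was recovered correctly.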

“The easiest way to avoid a cunning malware like ‘Xavier’ is to not download and install applications from an unknown source even if they are from legitimate app stores like Google Play Store,” said Nilesh Jain, Country Manager (India and Saarc), Trend Micro.
