Android malware ‘Xamalicious’ targets over 327,000 devices

Check out the list of 25 affected apps that you may want to look out for

Android malware ‘Xamalicious’ targets over 327,000 devices

Android users are no strangers to malware attacks. It recently made the news after a ‘Chameleon’, a new malicious code, attacked both Android 13 and 14 devices. However, a new The Hacker News report mentions how another similar malware has already targeted as many as 327,000 Android devices. 

Christened ‘Xamalicious’ by the McAfee Mobile Research Team, the malware is believed to cause a number of potentially threatening activities on your smartphone via apps. Check out the list of affected apps, along with everything you need to know about staying safe. 

Android 'Xamalicious' malware: What's there to know?

Developed using an open-source mobile app network known as Xamarin, Xamalicious attacks your phone’s accessibility permissions in order to fulfil its objectives. It can further gather metadata of the compromised device and also contact a command-and-control (C2) server (if it fits the bill) to fetch a second-stage payload.

ALSO READ: Types of communication you should never click on

This second-stage payload then takes full control of the infected device with the permissions that were granted using the compromised accessibility settings. It even has the ability to self-update the main APK and can perform activities, including banking transactions, using a trojan or spyware.

Who is at risk with this malware?

Xamalicious typically mimics games, horoscopes, lifestyle or health apps that could harm an Android device post installation. The research team at McAfee identified 25 different apps that have been in existence since mid-2020 on the Google Play Store.

However, according to the report, these apps have already affected roughly about 327,000 devices. Currently, the most affected users have been observed around the American continent, with activity across the USA, Brazil, and Argentina. Several devices in Europe, including the UK, Spain and Germany, have also reported this malware. Check out 10 of these apps that are potential threats to your smartphone:

1) Essential Horoscope for Android (com.anomenforyou.essentialhoroscope)
2) Logo Maker Pro (com.vyblystudio.dotslinkpuzzles)
3) Auto Click Repeater (com.autoclickrepeater.free)
4) Count Easy Calorie Calculator (com.lakhinstudio.counteasycaloriecalculator)
5) LetterLink (com.regaliusgames.llinkgame)
6) NUMEROLOGY: PERSONAL HOROSCOPE &NUMBER PREDICTIONS (com.Ushak.NPHOROSCOPENUMBER)
7) Step Keeper: Easy Pedometer (com.browgames.stepkeepereasymeter)
8) Track Your Sleep (com.shvetsStudio.trackYourSleep)
9) Astrological Navigator: Daily Horoscope & Tarot (com.Osinko.HoroscopeTaro)
10) Universal Calculator (com.Potap64.universalcalculator)

How to protect your Android device from Xamalicious and other malicious software

Having an additional layer of protection can help you minimise the risk of malware attacks on your smartphone. Apart from this, another way to ensure your device stays safe is by only installing apps that are available on the Google Play Store.

Apps that come from an unknown source should be avoided at all costs. Lastly, ensure you don’t grant permissions and make it a point to review any older ones from time to time. While it is challenging to tell which apps can be potentially harmful, doing a simple background check for suspicious titles could help you (and your Android smartphone) go a long way.

Unleash your inner geek with Croma Unboxed

Subscribe now to stay ahead with the latest articles and updates

You are almost there

Enter your details to subscribe

0

Disclaimer: This post as well as the layout and design on this website are protected under Indian intellectual property laws, including the Copyright Act, 1957 and the Trade Marks Act, 1999 and is the property of Infiniti Retail Limited (Croma). Using, copying (in full or in part), adapting or altering this post or any other material from Croma’s website is expressly prohibited without prior written permission from Croma. For permission to use the content on the Croma’s website, please connect on contactunboxed@croma.com

Comments

Leave a Reply
  • Related articles
  • Popular articles
  • Laptops

    AMOS: How this malware steals data from your macOS computers

    Atreya Raghavan

  • Laptops

    10 most common passwords in India

    Khevna Pandit

  • Smartphones

    10 online scams and how to avoid them

    Khevna Pandit

  • Gaming

    GTA V cheat codes: A complete list

    Karthekayan Iyer

  • Smartphones

    All Apple iPhones launched since 2007

    Chetan Nayak

  • Smartphones

    24 hours with Xiaomi 14 Civi

    Chetan Nayak