Android malware ‘Xamalicious’ targets over 327,000 devices

Android users are no strangers to malware attacks. It recently made the news after a ‘Chameleon’, a new malicious code, attacked both Android 13 and 14 devices. However, a new The Hacker News report mentions how another similar malware has already targeted as many as 327,000 Android devices. 

Christened ‘Xamalicious’ by the McAfee Mobile Research Team, the malware is believed to cause a number of potentially threatening activities on your smartphone via apps. Check out the list of affected apps, along with everything you need to know about staying safe. 

Android 'Xamalicious' malware: What's there to know?

Developed using an open-source mobile app network known as Xamarin, Xamalicious attacks your phone’s accessibility permissions in order to fulfil its objectives. It can further gather metadata of the compromised device and also contact a command-and-control (C2) server (if it fits the bill) to fetch a second-stage payload.

ALSO READ: Types of communication you should never click on

This second-stage payload then takes full control of the infected device with the permissions that were granted using the compromised accessibility settings. It even has the ability to self-update the main APK and can perform activities, including banking transactions, using a trojan or spyware.

Who is at risk with this malware?

Xamalicious typically mimics games, horoscopes, lifestyle or health apps that could harm an Android device post installation. The research team at McAfee identified 25 different apps that have been in existence since mid-2020 on the Google Play Store.

However, according to the report, these apps have already affected roughly about 327,000 devices. Currently, the most affected users have been observed around the American continent, with activity across the USA, Brazil, and Argentina. Several devices in Europe, including the UK, Spain and Germany, have also reported this malware. Check out 10 of these apps that are potential threats to your smartphone:

1) Essential Horoscope for Android (com.anomenforyou.essentialhoroscope)
2) Logo Maker Pro (com.vyblystudio.dotslinkpuzzles)
3) Auto Click Repeater (com.autoclickrepeater.free)
4) Count Easy Calorie Calculator (com.lakhinstudio.counteasycaloriecalculator)
5) LetterLink (com.regaliusgames.llinkgame)
6) NUMEROLOGY: PERSONAL HOROSCOPE &NUMBER PREDICTIONS (com.Ushak.NPHOROSCOPENUMBER)
7) Step Keeper: Easy Pedometer (com.browgames.stepkeepereasymeter)
8) Track Your Sleep (com.shvetsStudio.trackYourSleep)
9) Astrological Navigator: Daily Horoscope & Tarot (com.Osinko.HoroscopeTaro)
10) Universal Calculator (com.Potap64.universalcalculator)

How to protect your Android device from Xamalicious and other malicious software

Having an additional layer of protection can help you minimise the risk of malware attacks on your smartphone. Apart from this, another way to ensure your device stays safe is by only installing apps that are available on the Google Play Store.

Apps that come from an unknown source should be avoided at all costs. Lastly, ensure you don’t grant permissions and make it a point to review any older ones from time to time. While it is challenging to tell which apps can be potentially harmful, doing a simple background check for suspicious titles could help you (and your Android smartphone) go a long way.