Info-stealing malware Xavier has infected hundreds of free apps on Google Play Store

Info-stealing malware Xavier has infected hundreds of free apps on Google Play Store

Android users beware! Over 800 Android apps Google Play Store are found to be infected with information-collecting malware dubbed Xavier. According to Trend Micro security experts, the malware has been pre-installed on a wide range of free Android applications, such as photo editors and wallpapers, and has been downloaded millions of times so far. 

The Xavier malware is in fact an ad library – an element, integrated in free apps to enable advertising as a revenue source for their developers, and often referred to as adware. But being a relatively harmless and simple piece of adware when emerged two years ago, Xavier has recently evolved to a more dangerous and sophisticated kind of malicious software. Trend Micro’s security experts say it is now capable of evading detection, remote code execution, and stealing information. In other words, the malware is smart enough to escape from being analysed by security programs, it has been designed to download remotely executable codes from a server, and it is configured to silently collect sensitive user data including email address, device id, model, OS version, country, manufacturer, SIM card operator, resolution, and installed apps.

An example of an application on Google Play that contains an embedded Xavier ad library

An example of an application on Google Play that contains an embedded Xavier ad library


The highest number of reportedly infected users are from countries in South-east Asia such like Vietnam, Philippines, and Indonesia, with a smaller number of downloads from the US and Europe. The trend we see is more alarming since it is not the first time when Google Play Store is reported to host numerous malware infected apps. It actually happened twice just in the last few months: in March, when more than 100 Play Store apps tried to infect Android devices with Windows malware, and in May, when over 36 million Android devices where affected by the Judy malware.

On the bright side is the fact that you still have easy ways to protect your smartphones. The rules of thumb are simple: always download your apps from trusted developers on Google Play, read the reviews before the installation, and keep your device and apps updated.

source: TrendMicro via Techook

FEATURED VIDEO

23 Comments

1. Flash

Posts: 1972; Member since: May 19, 2017

Oh but I thought Android was "secure?"

2. ph00ny

Posts: 1976; Member since: May 26, 2011

and this doesn't happen on iOS?

20. Leo_MC

Posts: 6138; Member since: Dec 02, 2011

No, malware on iOS don't have access to sensitive data like email and passwords; they had access to general system info: device name, time, uuid (info I have no problem to give for free, if an app asks me nicely).

4. Myphoneisonfire

Posts: 403; Member since: Sep 05, 2016

It is secure from getting infected by viruses like you. Don't worry about it. You go back to playing with your 4.7" toy.

8. piyath

Posts: 2445; Member since: Mar 23, 2012

Android is garbage....lol Sometimes silence is the best answer to all the Android fanboy trolls. Truth (the fact than android is a stolen. poorly executed, unsafe, low quality product bought by Google for money thus no passion in developing that) will prevail no matter what they say.

10. sissy246

Posts: 6907; Member since: Mar 04, 2015

OMG you are the biggest troll on this site. NOTHING IS Safe 100%

16. jeroome86

Posts: 2314; Member since: Apr 12, 2012

Not quite.

12. Myphoneisonfire

Posts: 403; Member since: Sep 05, 2016

Hey Poo Poo Pooyath , welcome back. Haven't seen you around lately... What a "Truth". Ouch , that hurt so baaaad !! Happy now? Go and continue playing with your Barbie dolls. Bye. Take care Poo Poo.

23. buccob

Posts: 2945; Member since: Jun 19, 2012

I'm sure Apple works purely out of passion and not for the money /s Dumbass

3. slannmage

Posts: 289; Member since: Mar 26, 2013

Android is trash

6. maple_mak

Posts: 953; Member since: Dec 18, 2013

Haters are more trash.

5. Panzer

Posts: 270; Member since: May 13, 2016

IOS users have very bad memories. How easily they forgot about XcodeGhost. https://www.macrumors.com/2015/09/20/xcodeghost-chinese-malware-faq/

7. Flash

Posts: 1972; Member since: May 19, 2017

And here comes the deflecting and excuses.

22. Scott93274

Posts: 6025; Member since: Aug 06, 2013

Hey Remember that time when a text message crashed iPhones, or when clicking on a link would cause the iPhone to repeatedly call 911 over and over again crippling 911 dispatchers, or when Apple had discovered loads and loads of malware in the App Store, or when iPhone users had their nude pictures leaked all over the internet for the world to see because Apple sat on a reported issue with their cloud security for over a half year without doing anything about it? Or when thousands of iPhone users had their accounts locked out and they had to pay money to a hacker to get them unlocked? The difference between Android and iOS, is that if you're responsible on Android, you can have a flawless experience, where if you're responsible on iOS/iPhone, you're still at the mercy of anyone clever enough to exploit any of the many flaws/vulnerabilities with the OS/web services. As people have already stated on here. No platform is perfect, so stop trolling. Just because you changed your profile name doesn't make you any less of an asshat. Grow up.

9. PrYmCHGOan

Posts: 335; Member since: Sep 28, 2016

Here comes all the trolls. One platform being more or less secure, doesn't make any of them 100% secure. The problem here is very simple. People are evil. It is up to the store owner to make sure their clients are selling garbage. Google needs to step up and make sure apps they allow, are safe to download. All platforms have this issue. The only difference with lets say Windows is, not all Windows app come directly through or from Microsoft. But companies like Google and Apple, who have their own stores, and have an app verification process; should make sure the app meets the quality that it should. It should be installed and tested to make sure they don't have backdoors and malicious code. I know it is impossible to catch everything. But if 800 apps got in without detection, then that is a control problem. Why do you need an app to change wallpapers. I NEVER download those. If I want wallpapers, I google the type I want and pick and just save the image. I download the wallpapers PA posts and I pick from the pack. As usual, the biggest issue is in Asian countries, not in the US. All platforms have hacks and security issues. But as per usual, here come all the iSheeple with their security BS. All software is hack-able and can be used by people with malicious intent. All this BS like FlashBatmite/Mxy talkign about I though Android is more secure, is just a troll trying to start a debate. Don;t fall far it. All software has its security measures and all of them can be circumvented.

11. PrYmCHGOan

Posts: 335; Member since: Sep 28, 2016

@Piyath - Who was Android stolen from? Oh and all software is insecure because none are 100% secure. As I recall IOS has the same issues. Apple does have a better quality control for their apps. bet yet there are plenty of articles where IOS apps have been found to contain malicious code. So I fail to see how any imperfection is somehow perfection because you chose to use something different. No software is or will ever be 100% secure. The main reason is coders are not perfect and the fact there are people who sole purpose is to hack and create issues for hate or money. So your constant attacking of Android when iOS in fact has the same issue, makes you simply a stupid ignorant fool. You are the one who should STFU! You are a hypocrite and you only purpose of being here is to troll. Not once do you ever say anything with logic, thought or even any common sense whatsoever. You Apple fans have always been nothing but a bunch of lifeless pieces of garbage. Get a job you lazy good-for-nothing jag-off!

14. cnour

Posts: 2305; Member since: Sep 11, 2014

Techie, you are more than stupid.

13. Anchor

Posts: 160; Member since: Jun 16, 2017

With rooting and XPrivacy all your worries are gone. I might be the only one who thinks this is to get android users to download the paid/premium apps

15. jeroome86

Posts: 2314; Member since: Apr 12, 2012

Always some a holes trying to hack your info. Part of life in the tech world and on the outside.

18. Settings

Posts: 2942; Member since: Jul 02, 2014

I stopped reading when I saw Trend Micro. They just supply malwares and only they have the solution for it. They are known for this.

19. trojan_horse

Posts: 5868; Member since: May 06, 2016

"They just supply malwares and only they have the solution for it." Yeah, Scottie... In fact, almost all Software security companies do make malwares themselves and distribute them to only latter announce that they've "discovered" a new type of malware... They all do it to build hype around them and drum up business.

21. joey_sfb

Posts: 6794; Member since: Mar 29, 2012

Regardless, it's good that the problem is brought out into the light so that we could work towards a solution and resolution.

24. tech_mate

Posts: 23; Member since: Nov 30, 2016

Can someone please list those apps? Everyone spreads the news but no one list the affected apps.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.