The Android ecosystem is yet again shrouded under the dark haze of malware. This time it's Xavier, a Trojan-based malware. Shortly after the Judy malware disrupted Android systems, infecting over 41 apps, Xavier is said to have already infected over 800 Android apps.
What is Xavier Malware?
According to the TrendLabs Security Intelligence Blog, which first detected the malware, Xavier has been in action since 2015 and was previously dubbed joymobile. Xavier is a smart malware with a self-protection mechanism that makes it difficult to track. Its presence has been found in utility apps like photo editors, ringtone makers and GPS trackers.
[Image: An app in the Google Play library containing the Xavier malware. Source: TrendLabs]
The countries most affected by the malware are Vietnam, the Philippines, and Indonesia, which have made the highest number of download attempts, compared with far fewer in the US and Europe.
Why is it more dreadful than Judy?
In the recent past, the Judy malware was successful in generating revenue with the aid of infected devices, producing large amounts of fraudulent clicks on advertisements. Xavier is much more notorious: it starts by downloading code from a remote server, then loads and executes it. Worst of all, it keeps itself from being detected with the help of techniques such as string encryption, Internet data encryption, and emulator detection.
While the Judy malware affected more than 36.5 million devices, it was found in only 40 apps. Xavier, by comparison, is present in more than 800 apps and obviously has far-reaching implications.
What is the remedy?
TrendLabs has issued a guideline to keep your device safe from Xavier. It suggests:
- not installing apps from unknown sources.
- gathering as much knowledge as possible before downloading apps.
- reading the reviews of apps before downloading.
- updating and patching mobile devices.