Android is part of a new very dangerous malware called Xavier, infecting no less than 800 applications available in Google Play. According to cyber security experts, the Xavier malware is pre-installed in a variety of applications for the Android operating system, with millions of downloads being made for them to date.
Xavier is an old malware that has evolved over time, and from displaying ads in the background on Android terminals, it has now come to do much more complex things. More precisely, in the new version of this malware, Xavier is able not only to display advertisements without the users knowing, but also to run unsigned code, even remotely, to steal information from terminals and to avoid detection with antivirus solutions.
Practically, Xavier has evolved so much that at the moment this malware can infect Android terminals without the user knowing that he has this problem. Xavier was thought of as a malware that can download unsigned code from hackers' servers, which is then run in terminals, and from here on any kind of data can be accessed by these hackers.
Android – Xavier malware has infected Google Play
Xavier can steal from Android terminals information regarding login accounts to various services, emails, terminal identification data, information about the SIM card, data from conversations and just about anything else. Of course, most of the applications infected by Xavier are from Asia, the majority of malware types being designed to attack Android users from this region of the planet.
In the US and Europe there is a smaller number of Android users infected by the Xavier malware, but that doesn't mean they don't have to be careful about what they download to their devices. The biggest problem is that Xavier went undetected by the malware scanners that Google has for the applications it lists in Google Play.
"We have recently discovered a Trojan Android ad library called Xavier that steals and leaks a user's information silently. Based on data from TMMAPS, we detected more than 800 applications embedded in the ad library's SDK that have been downloaded millions of times from Google Play. These applications range from utility apps such as photo manipulators to wallpaper and ringtone changers.”
The only safe solution for Android users to avoid malware like Xavier is to download applications only from "trusted" Google Play users. Drawing a parallel with the App Store, a malware like Xavier would not reach there because, unlike Android, in iOS developers who have applications published by Apple, whether they are reliable or not, cannot publish malware in the titles.
