On Google Play Store at least 75 apps have been infected by Xavier, a malvertising virus that if it infects smartphones steals all user data
Computer security problems continue within the Android world. Recently, a new vulnerability has been discovered that has been exploited by many hackers for a long time. This flaw currently affects more than 75 applications on the Google Play Store.
The first question is: why is Android so much targeted by cyber criminals? The answer is simple. Google's operating system is the most widely used in the world, even more than Windows. A huge target for hackers. Android almost always uses open-source systems, which is why about 90% of the apps in the Play Store are free. In order to be free of charge, however, most of the apps contain advertisements. And it is precisely these ads that are exploited by hackers to infect users' mobile devices.
Xavier the new Android virus
This is where Xavier comes in. It is a member of the AdDown malware family. Generally used for malvertising campaigns. That is, malicious advertising campaigns. Xavier was first discovered by cybersecurity experts in September 2016. According to Trend Micro researchers, this malware was embedded in at least 75 apps. Most of them are media players, services for downloading MP3 music, and unofficial RAM optimization apps (in the latter case, the damage beyond mockery, considering that these tools are totally useless). Among the areas most affected by the virus is West Asia, but the fact that it is hidden inside 75 applications puts all users at risk. So, there is a real possibility that even in Europe and Italy some consumers have fallen victim to Xavier.
How Xavier works
Xavier has several features that it implements once it infects the smartphone, or tablet. First, in older Android versions, it installs some files on the hardware without notifying the user. At this point it allows the hacker to use the phone remotely. The attacker can then clone the data and information on our smartphone. The real strength of Xavier is that it is difficult to detect with a normal antivirus. Xavier is designed to encrypt data usage and remains inactive when scanned.
How to defend yourself
Our device will only be infected if we install one of the applications that have Xavier malware inside them. Among them are also MP3 Cutter and Ringtone Maker and Fast launchers - Best & Small. The full list of affected apps will also be released soon. It will be good to check it out and see if we might be potential victims. What to do if we have downloaded one of the apps targeted by the hackers? We should immediately delete the app and as a precaution we can delete them from the Google Store right now, to avoid accidentally installing them in the future. Since many cyber criminals change the name of the software house in the Google Play Store once they are discovered, we always try not to install apps from unknown and unfamiliar developers.