Beware! Over 800 Android Apps On Google Play Shop Incorporate 'Xavier' Malware

Over 800 dissimilar Android apps that bring been downloaded millions of times from Google Play Store flora to live on infected amongst malicious advertising library that silently collects sensitive user information as well as tin perform unsafe operations.

Dubbed "Xavier," the malicious advertising library, initially emerged inwards September 2016, is a fellow member of AdDown malware family, potentially posing a severe threat to millions of Android users.


Since xc share of Android apps are complimentary for anyone to download, advertising on them is a cardinal revenue source for their developers. For this, they integrate Android SDK Ads Library inwards their apps, which normally doesn't touching on an app's center functionality.

According to safety researchers at Trend Micro, the malicious advertising library comes pre-installed on a broad arrive at of Android applications, including photograph editors, wallpapers as well as ringtone changers, Phone tracking, Volume Booster, Ram Optimizer as well as music-video player.

Features of Xavier Info-Stealing Malware

The previous variant of Xavier Ad library was a unproblematic adware amongst an mightiness to install other APKs silently on the targeted devices, but inwards the latest release, the malware writer has replaced those features amongst to a greater extent than sophisticated ones, including:

• Evade Detection: Xavier is smart plenty to escape from existence analyzed, from both static as well as dynamic malware analysis, past times checking if it is existence running inwards a controlled environs (Emulator), as well as using information as well as communication encryptions.
• Remote Code Execution: The malware has been designed to download codes from a remote Command & Control (C&C) server, allowing hackers to remotely execute whatsoever malicious code on the targeted device.
• Info-Stealing Module: Xavier is configured to pocket devices as well as user related information, which includes user’ e-mail address, Device id, model, OS version, country, manufacturer, sim carte du jour operator, resolution, as well as Installed apps.

According to the researchers, the highest reveal of infected users are from Southeast countries inwards Asia such every bit Vietnam, Philippines, as well as Indonesia, amongst a fewer reveal of downloads are from the the United States of America as well as Europe.

Here is a list of 75 infected Android apps that Google has already removed from its Play Store, as well as if yous bring installed whatsoever of these apps on your device, yous are advised to withdraw it immediately.

Android malware continues to evolve amongst to a greater extent than sophisticated as well as never-seen-before capabilities amongst every passing day. Just final week, nosotros saw starting fourth dimension Android malware amongst code injecting capabilities making rounds on Google Play Store.

How to Protect Yourself

The easiest means to foreclose yourself from existence targeted past times a clever malware similar Xavier, e'er beware of fishy applications, fifty-fifty when downloading them from official Play Store as well as endeavor to stick to the trusted brands only.

Moreover, e'er await at the reviews below left past times other users who bring downloaded the app as well as verify app permissions earlier installing whatsoever app as well as grant those permissions that bring are relevant for the app's purpose.

Last but non the least, yous are strongly advised to e'er maintain a skillful antivirus application on your device that tin discover as well as block such malware earlier they tin infect your device, as well as maintain your device as well as apps up-to-date.