Toggle sidebar Toggle sidebar

Is your Android at risk? Thousands of users in Australia hit by malware apps

VanessaC
By VanessaC
  • Replies 8
In the ever-evolving world of technology, the threat of cybercrime is a constant concern.

Cybersecurity firm McAfee has uncovered a new malicious Android program, dubbed Xamalicious, that has infected over 340,000 devices worldwide, including a significant number in Australia.



This malicious software has infiltrated Android devices through apps available on Google Play, Android’s official mobile app store, and even some unofficial third-party app stores.

McAfee's investigation identified 14 infected apps on Google Play, three of which had at least 100,000 installs each.


SDC Images (7).png
McAfee identified 14 apps affected by the malware on Google Play. Image source: McAfee / Google Play.


Despite Google's swift action in removing these apps, users who installed them from mid-2020 until early-2023 are still at risk of active Xamalicious infections.

This necessitates manual scans and cleanup efforts to ensure the safety of their devices.



The most popular among the infected apps include Essential Horoscope for Android, 3D Skin Editor for PE Minecraft, and Logo Maker Pro.

Other affected apps include Auto Click Repeater, Count Easy Calorie Calculator, Dots: One Line Connector and Sound Volume Extender.

In addition to the apps found on Google Play, a separate set of 12 malicious apps that carried the Xamalicious threat has been identified on unofficial third-party app stores.

These apps infect users via downloadable APK (Android package) files, which anyone can directly download onto their phone and install programs from.

Unfortunately, specific download statistics for these apps are not available, making it difficult to gauge the full extent of the threat.

Furthermore, according to McAfee’s data, most infections have been reported in the United States, Germany, Australia, Spain, Brazil, Mexico, Argentina and the United Kingdom.



Xamalicious is an Android backdoor embedded within apps developed using the open-source Xamarin framework.

This makes code analysis more challenging, allowing it to slip past security measures undetected.

Once installed, Xamalicious requests access to the Accessibility Service of your phone, granting it the ability to perform privileged actions such as navigation gestures, hiding on-screen elements, and self-permission grants.

Xamalicious is capable of executing various commands, gathering device and hardware information, determining the device’s geographic location, identifying emulators, checking root status, listing installed apps, reporting accessibility service permissions and connecting to a remote server to download additional files.

McAfee has also uncovered links between Xamalicious and an ad-fraud app called Cash Magnet, which suggests that the backdoor may engage in ad fraud activities.

This also impacts your phone’s performance and network bandwidth.



Protecting Your Android Device

While Google Play implements measures to combat malware—including initiatives such as the App Defense Alliance—unfortunately, unofficial platforms lack such stringent controls.

This makes them a hotbed for malicious software.

Android users are strongly encouraged to refrain from downloading apps from third-party sources, to stick to essential apps, to read user reviews before installation and to thoroughly vet app developers and publishers.

Full package names for the infected apps can be found below:

yoOp246DV_LQKPEsyIA97wYgbV9yEDBFD_dzan5BsCmGOYMvU8W_lfI1qn2i1xTZ47IjtIkDwk-_ESPHRvE97UPqBIH-ff72nu5sDwJhH5IlIP4SM7jlEi5IeQHoN1ocRDLJy5S4WuVakeOwxXjXCSk


If you have any of these apps installed on your device, it is recommended to uninstall them immediately and run a full system scan.
Key Takeaways
  • McAfee has identified an Android backdoor called Xamalicious, affecting over 340,000 devices through apps on Google Play.
  • Fourteen infected apps were found, with the three most popular apps each reaching 100,000 installations.
  • Users who installed these apps between mid-2020 and early-2023 in Australia and other countries may still have active infections that require manual cleanup.
  • Android users are advised to be cautious, particularly when downloading apps from third-party sources, and to regularly review and scrutinise app developers and publishers.
Have you experienced any issues with your Android device recently? Share your experiences and tips for staying safe online in the comments below.
 
  • Like
  • Angry
Reactions: Ezzy, Col@45, Liz and 3 others
Click to expand...
Sponsored
Sponsored

Seniors Discount Club

Sponsored content
Born Before 1964? You Could Get Affordable Health Cover*
For eligible Aussies, the starting cost of a combined hospital & extras policy comes in at under $24 / week (or $3.39 per day) once the government health rebate has been claimed.
Read more*
Aussies Over 60 Could Get Health Cover From $3.22/Day*
For eligible Aussies, the starting cost of a combined hospital & extras policy comes in at under $23 / week (or $3.22 per day) once the government health rebate has been claimed.
Get A Free Quote*
VanessaC said:
In the ever-evolving world of technology, the threat of cybercrime is a constant concern.

Cybersecurity firm McAfee has uncovered a new malicious Android program, dubbed Xamalicious, that has infected over 340,000 devices worldwide, including a significant number in Australia.



This malicious software has infiltrated Android devices through apps available on Google Play, Android’s official mobile app store, and even some unofficial third-party app stores.

McAfee's investigation identified 14 infected apps on Google Play, three of which had at least 100,000 installs each.


View attachment 38479
McAfee identified 14 apps affected by the malware on Google Play. Image source: McAfee / Google Play.


Despite Google's swift action in removing these apps, users who installed them from mid-2020 until early-2023 are still at risk of active Xamalicious infections.

This necessitates manual scans and cleanup efforts to ensure the safety of their devices.



The most popular among the infected apps include Essential Horoscope for Android, 3D Skin Editor for PE Minecraft, and Logo Maker Pro.

Other affected apps include Auto Click Repeater, Count Easy Calorie Calculator, Dots: One Line Connector and Sound Volume Extender.

In addition to the apps found on Google Play, a separate set of 12 malicious apps that carried the Xamalicious threat has been identified on unofficial third-party app stores.

These apps infect users via downloadable APK (Android package) files, which anyone can directly download onto their phone and install programs from.

Unfortunately, specific download statistics for these apps are not available, making it difficult to gauge the full extent of the threat.

Furthermore, according to McAfee’s data, most infections have been reported in the United States, Germany, Australia, Spain, Brazil, Mexico, Argentina and the United Kingdom.



Xamalicious is an Android backdoor embedded within apps developed using the open-source Xamarin framework.

This makes code analysis more challenging, allowing it to slip past security measures undetected.

Once installed, Xamalicious requests access to the Accessibility Service of your phone, granting it the ability to perform privileged actions such as navigation gestures, hiding on-screen elements, and self-permission grants.

Xamalicious is capable of executing various commands, gathering device and hardware information, determining the device’s geographic location, identifying emulators, checking root status, listing installed apps, reporting accessibility service permissions and connecting to a remote server to download additional files.

McAfee has also uncovered links between Xamalicious and an ad-fraud app called Cash Magnet, which suggests that the backdoor may engage in ad fraud activities.

This also impacts your phone’s performance and network bandwidth.



Protecting Your Android Device

While Google Play implements measures to combat malware—including initiatives such as the App Defense Alliance—unfortunately, unofficial platforms lack such stringent controls.

This makes them a hotbed for malicious software.

Android users are strongly encouraged to refrain from downloading apps from third-party sources, to stick to essential apps, to read user reviews before installation and to thoroughly vet app developers and publishers.

Full package names for the infected apps can be found below:

yoOp246DV_LQKPEsyIA97wYgbV9yEDBFD_dzan5BsCmGOYMvU8W_lfI1qn2i1xTZ47IjtIkDwk-_ESPHRvE97UPqBIH-ff72nu5sDwJhH5IlIP4SM7jlEi5IeQHoN1ocRDLJy5S4WuVakeOwxXjXCSk


If you have any of these apps installed on your device, it is recommended to uninstall them immediately and run a full system scan.
Key Takeaways

  • McAfee has identified an Android backdoor called Xamalicious, affecting over 340,000 devices through apps on Google Play.
  • Fourteen infected apps were found, with the three most popular apps each reaching 100,000 installations.
  • Users who installed these apps between mid-2020 and early-2023 in Australia and other countries may still have active infections that require manual cleanup.
  • Android users are advised to be cautious, particularly when downloading apps from third-party sources, and to regularly review and scrutinise app developers and publishers.
Have you experienced any issues with your Android device recently? Share your experiences and tips for staying safe online in the comments below.
Click to expand...
Digital age bloody parasites get into everything like ant's Google this is not good enough fortunately I haven't downloaded any of these apps get your 💩💩💩💩together Google 🤬🤬🤬🤬🤬🤬
 
  • Like
Reactions: Ricki, terri, DJRayner and 4 others
Shane/# said:
Digital age bloody parasites get into everything like ant's Google this is not good enough fortunately I haven't downloaded any of these apps get your 💩💩💩💩together Google 🤬🤬🤬🤬🤬🤬
Click to expand...
I refuse to even own a mobile phone. Being so deaf I can only use landline on it's highest level. I often wonder why they are called SMART PHONES Haven't even figured out where these emojies (?) are so I can use them.
 
Last edited:
  • Like
  • Love
Reactions: DJRayner, Liz, Knell and 2 others
VanessaC said:
In the ever-evolving world of technology, the threat of cybercrime is a constant concern.

Cybersecurity firm McAfee has uncovered a new malicious Android program, dubbed Xamalicious, that has infected over 340,000 devices worldwide, including a significant number in Australia.



This malicious software has infiltrated Android devices through apps available on Google Play, Android’s official mobile app store, and even some unofficial third-party app stores.

McAfee's investigation identified 14 infected apps on Google Play, three of which had at least 100,000 installs each.


View attachment 38479
McAfee identified 14 apps affected by the malware on Google Play. Image source: McAfee / Google Play.


Despite Google's swift action in removing these apps, users who installed them from mid-2020 until early-2023 are still at risk of active Xamalicious infections.

This necessitates manual scans and cleanup efforts to ensure the safety of their devices.



The most popular among the infected apps include Essential Horoscope for Android, 3D Skin Editor for PE Minecraft, and Logo Maker Pro.

Other affected apps include Auto Click Repeater, Count Easy Calorie Calculator, Dots: One Line Connector and Sound Volume Extender.

In addition to the apps found on Google Play, a separate set of 12 malicious apps that carried the Xamalicious threat has been identified on unofficial third-party app stores.

These apps infect users via downloadable APK (Android package) files, which anyone can directly download onto their phone and install programs from.

Unfortunately, specific download statistics for these apps are not available, making it difficult to gauge the full extent of the threat.

Furthermore, according to McAfee’s data, most infections have been reported in the United States, Germany, Australia, Spain, Brazil, Mexico, Argentina and the United Kingdom.



Xamalicious is an Android backdoor embedded within apps developed using the open-source Xamarin framework.

This makes code analysis more challenging, allowing it to slip past security measures undetected.

Once installed, Xamalicious requests access to the Accessibility Service of your phone, granting it the ability to perform privileged actions such as navigation gestures, hiding on-screen elements, and self-permission grants.

Xamalicious is capable of executing various commands, gathering device and hardware information, determining the device’s geographic location, identifying emulators, checking root status, listing installed apps, reporting accessibility service permissions and connecting to a remote server to download additional files.

McAfee has also uncovered links between Xamalicious and an ad-fraud app called Cash Magnet, which suggests that the backdoor may engage in ad fraud activities.

This also impacts your phone’s performance and network bandwidth.



Protecting Your Android Device

While Google Play implements measures to combat malware—including initiatives such as the App Defense Alliance—unfortunately, unofficial platforms lack such stringent controls.

This makes them a hotbed for malicious software.

Android users are strongly encouraged to refrain from downloading apps from third-party sources, to stick to essential apps, to read user reviews before installation and to thoroughly vet app developers and publishers.

Full package names for the infected apps can be found below:

yoOp246DV_LQKPEsyIA97wYgbV9yEDBFD_dzan5BsCmGOYMvU8W_lfI1qn2i1xTZ47IjtIkDwk-_ESPHRvE97UPqBIH-ff72nu5sDwJhH5IlIP4SM7jlEi5IeQHoN1ocRDLJy5S4WuVakeOwxXjXCSk


If you have any of these apps installed on your device, it is recommended to uninstall them immediately and run a full system scan.
Key Takeaways

  • McAfee has identified an Android backdoor called Xamalicious, affecting over 340,000 devices through apps on Google Play.
  • Fourteen infected apps were found, with the three most popular apps each reaching 100,000 installations.
  • Users who installed these apps between mid-2020 and early-2023 in Australia and other countries may still have active infections that require manual cleanup.
  • Android users are advised to be cautious, particularly when downloading apps from third-party sources, and to regularly review and scrutinise app developers and publishers.
Have you experienced any issues with your Android device recently? Share your experiences and tips for staying safe online in the comments below.
Click to expand...
Depends on how smart the user is !!
 
  • Like
  • Haha
Reactions: Jest, DJRayner, Jarred Santos and 2 others
PattiB said:
Good reason to have an iPhone. We are vigilant about software updates & so far have not experienced any problems & hopefully it continues.
Click to expand...
they are useless to me Patti.......I bought an iphone 2 years ago and finally gave it away as I couldn't even hear it ring which I had to prove to friends was true.
 
  • Like
Reactions: DJRayner
gamiry said:
they are useless to me Patti.......I bought an iphone 2 years ago and finally gave it away as I couldn't even hear it ring which I had to prove to friends was true.
Click to expand...
That’s a shame gamiry iPhones are generally really easy to use though I dislike the way the ringtone is a chime so my son somehow makes mine have a ring like a normal phone. I hear strange music & think it’s someone walking in the street with music going. Hearing loss is a problem for a lot of us more mature people, including my husband. I’m not sure about android computers but my iPad has a key with a smiley face on the keyboard & when you press that up pops all the emojis. Had to explain to Ted about emojis & how to find them.
 
  • Like
Reactions: DJRayner, Knell and Ezzy
You must log in or register to reply here.

Join the conversation

News, deals, games, and bargains for Aussies over 60. From everyday expenses like groceries and eating out, to electronics, fashion and travel, the club is all about helping you make your money go further.
Register Now Member Login

Seniors Discount Club

The SDC searches for the best deals, discounts, and bargains for Aussies over 60. From everyday expenses like groceries and eating out, to electronics, fashion and travel, the club is all about helping you make your money go further.
  1. New members
  2. Jokes & fun
  3. Photography
  4. Nostalgia / Yesterday's Australia
  5. Food and Lifestyle
  6. Money Saving Hacks
  7. Offtopic / Everything else
Full Forum Listing

Latest Articles

  • We believe that retirement should be a time to relax and enjoy life, not worry about money. That's why we're here to help our members make the most of their retirement years. If you're over 60 and looking for ways to save money, connect with others, and have a laugh, we’d love to have you aboard.
  • Advertise with us

Main Menu

Home Privacy policy Terms and rules Contact us

User Menu

Login

Enjoyed Reading our Story?

  • Share this forum to your loved ones.
Community platform by XenForo® © 2010-2023 XenForo Ltd. | Style and add-ons by ThemeHouse | Please note that no information we provide constitutes financial advice. The Seniors Discount Club is a free resource, supported by advertising. We're committed to being 100% transparent & honest about where we make money. If you see an asterisk (*) next to one of our links, it means we have a commercial relationship with that business. SDC may receive a commission on purchases made through our Amazon links. | The Seniors Discount Club is not affiliated with any Australian State and Territory governments. If you are are looking for your state or territories official programs, please select one of the following links: NSW VIC SA WA TAS QLD NT ACT | Media embeds via s9e/MediaSites
Top Bottom
Back
Change Weather Postcode×
Change Petrol Postcode×